Copyright © 1994 by Tracy LaQuey and Editorial Inc.
Now that you've learned what you can do on the Internet and a bit about how it works, it's time to cover a few "advanced Internet topics." The Internet is more thanjust how-to. It has its own culture, its own myths and legends. There are fantasy games on the Internet that become a world unto themselves for many of the players. You should know, too, about the organizations dedicated to the Internet and to network users. And there are some technical niceties--such as directory services and advanced methods for finding email addresses--that you can master if you're willing. Technical necessities, like computer security, are a must-read. A "Finding More Help" section of this chapter gives some direction for times when you need additional information or help with an Internet problem.
Put a few million people together anywhere, even in electronic cyberspace, and they'll develop some kind of culture--a fabric of shared experiences, shared recreation, shared fears, shared rules of behavior--that makes them all feel part of a community. The Internet's formal and informal codes of conduct were discussed in Chapter 3. Now it's time to learn about some of the less tangible aspects of the Internet culture, the Net legends, and the notable--and notorious--subculture of network games.
Probably everyone knows at least one story that qualifies as an "urban legend"--a story that, while it may have started with a grain of truth, has been embroidered and retold until it has passed into the realm of myth. It's an interesting phenomenon that these stories get spread so far and so fast--and so often. Urban legends never die--they all just seem to end up on the Internet! You won't be on the Internet long before you start seeing references to these legends. Experienced Internet users have seen some of these old chestnuts come around regularly for years.
The following stories document the most well known of the bunch. You will probably be exposed to these, or variations of the theme. Be "street smart" and wary of any posting promising fame and fortune, or asking you to forward a message far and wide. Check the source before you act.
The FCC Modem Tax Scare is a classic example of an Internet legend that refuses to die. Several years ago, a proposal surfaced in Washington to put a telecommunications tax onmodems. The tax was quickly squashed in a congressional committee, and it was not--repeat not--under reconsideration at the time this book was published. But you wouldn't know that from some users of the Internet. The scare resurfaces continually on the networks, just like Jason from the Friday the 13th movie series, riling new users at the prospect that their new-found electronic freedom is about to be taxed. Even since the first edition of this book was published (November 1992), people still report modem tax sightings.
The FCC story is essentially innocuous, although its constant recycling through the Internet wastes people's time, as well as network resources. It has also created a "cry wolf" situation, and if another modem tax ever is proposed, it will certainly be harder to mobilize the opposition. Imagine the damage, though, of a malicious rumor or flat-out lie, broadcast around the world again and again. After you imagine it, promise you'll think twice before you forward anything, and check the facts before you do.
Dave Barry, noted author and nationally syndicated humor columnist for the Miami Herald, is an Internet regular. His column, released worldwide on the Internet through the ClariNet UPI news service (called clari.feature.dave_barry), has been keeping users entertained on a weekly basis for several years. Wanting to understand the erudition and sensitivity of his articles, thousands of jacked-in Dave followers formed a USENET newsgroup called alt.fan.dave_barry. There, fans from Waterloo to Waxahachie discuss his articles and books, recent Dave sightings, those witty postcard replies to his fans, and his thriving presidential campaign in 1992 (his catchword was "A Catchy Slogan Should Appear Here"). When asked what he thought of his electronic devotees, the Internet, and this book, Barry had this to say: "I think it is truly a wonderful thing that, through the Miracle of Computers, millions of people can read my column instead of leading productive lives." Humor abounds on the Internet, and even researchers and educators have been known to search out a laugh.
Back in the mid-eighties, a British seven-year-old named Craig Shergold was diagnosed as having an inoperable brain tumor. Craig wanted to set the Guinness record for receiving the most get-well cards, and his efforts got worldwide publicity, from mimeographed sheets to email pleas.
Shergold is in his late teens now, and he's doing just fine; his brain tumor was successfully treated. He did set the Guinness record for get-well cards in 1989, and has gotten more than thirty million cards to date. That's the good news.
Incredibly, however, the Craig Shergold story keeps circulating on the Internet, as fresh as the day it started. Sometimes it mutates into requests for postcards or business cards, but otherwise the story is the same. The hospital where Craig was treated is still being buried with cards. The Shergolds (Craig's parents), the hospital--even Ann Landers--have sent out pleas to stop the flow, but the story has taken on a life of its own, and the cards keep rolling in. In short, the situation has taken on a nightmarish quality for all involved. The hospital and post office, which have to cope with all the mail, sell some of it to stamp collectors and paper recyclers. Guinness has discontinued the category to prevent anything like this from happening again.
So, if you see a plea on the network for cards for a little boy who's dying with a brain tumor, pass it up. And pass the word that Craig Shergold is doing just fine. No more cards, please !
The promise of easy and fast money is one that few people can resist. Combine some ambitious entrepreneurs with the broadcast capability of the Internet, and there's bound to be trouble. Enter the latest class of chain letters, the "Make Money Fast" genre. This type is basically a digital pyramid scheme on fast forward. If you don't want to "Lose Your Friends" or "Lose Your Internet Access," just say no to chain letters and pyramid messages in general. Chain letters violate every known acceptable policy. So don't send them.
Speaking of things not to send--everyone hates junk mail, but Internet users hate it even more. In fact, they're fighting back with a vengeance. You may be tempted to take advantage of the Internet for your business marketing programs, but consider the consequences before broadcasting commercial product and service advertisements: literally thousands of angry people will bombard your email box and tie up your phone to tell you how much they don't appreciate your doing that. A recent widely publicized case involved a lawyer in Arizona who sent a description of his services to more than 9,000 USENET newsgroups. He received over 30,000 email messages, and it's probably safe to say that none of them are fit to print in this book.
Just because the current models of advertising and direct mail don't work doesn't mean that you can't use the Internet to promote your products. It's perfectly acceptable to provide a database or archive with details of your offerings that people can peruse when they want to. Some recommended books and journals that explain this new fine art of doing business in cyberspace are listed in the Appendix.
Jayne Levin is an independent businesswoman who has successfully substituted Internet know-how for start-up capital to fund her own newsletter.
She uses the Internet for interviews, production, reviews, marketing, and sales. After one year, her newsletter has been very successful, and she expects it to be profitable after the first year of publication.
"I decided to launch The Internet Letter after exploring and writing about the Internet for a year, feeding my intellectual curiosity and seeing its power to help companies cut communications costs, gather corporate intelligence, and leverage scant resources.
"As a start-up company, I didn't have much money . . . and no staff. I knew I had to conserve funds to make this venture work. The Internet offered invaluable resources, including desktop publishing software that was much less expensive than similar software sold at a computer store.
"With an Internet account that cost only $15 a month, I greatly reduced long-distance phone bills, conducting interviews online. I also cut my research costs by accessing CARL (Colorado Association of Research Libraries) through the Internet. CARL, a free database service, provides abstracts (sometimes full text) on articles that have appeared in national dailies and other publications.
"The Internet also provided a vehicle to distribute and sell my newsletter. I announced the availability of the premiere issue, including subscription information, on several Internet mailing lists. Within hours, information about my newsletter was forwarded to other mailing lists and people around the world. I was contacted, via email, by a person in the former Soviet Union who asked for permission to translate the newsletter into Russian. I received requests for trial subscriptions from people in Turkey, India, Brazil, Cuba, Singapore, and Israel, and others used the electronic subscription coupon to sign up as charter subscribers."
Just about every computer user has at least one game tucked away somewhere--the kind you play surreptitiously when the boss isn't watching or when you've got a bad case of writer's block. The Internet is no exception. There are shareware and freeware games you can download for your own computer, as well as game newsgroup discussions and email lists. Games are played on the Internet, too. There's the Trivia USENET Newsgroup, whose participants have gotten past naming all the seven dwarfs and have now moved on to higher-order thinking--naming all the characters in sitcoms from long ago (Gilligan's Island, the Brady Bunch, Laverne & Shirley). Try the Weekly Trivia Contest on the USENET newsgroup rec.games.trivia .
As you might imagine, the "big" games on the Internet tend to match the network itself in scale and complexity, and they are a world and culture unto themselves. Generally, the games--with names like Galactic Bloodshed, Empire, Multi-User Dungeons (MUDs), and MUD-Object-Oriented (MOOs)--are adventure, role-playing games or simulations. Devotees call them "text-based virtual reality adventures." The games can feature fantasy combat, booby traps, and magic. Players interact in real time, and can change the "world" in the game as they play it by creating environments, rules, and characters.
All the games demand an intense learning process to figure out all the characters and game idiosyncrasies, not to mention the rules. They can be extremely addictive--small-time players may spend no less than an hour or so a day.
Some people literally spend all of their waking hours in the game. Many of the game players seem to feel the need to leave their mark on the game, and generations of game variations have evolved. Empire, for example, a military simulation written by Peter Langston, has five or six multi-player spinoffs and a single-player version. According to The New Hacker's Dictionary, all of the Empire games "are notoriously addictive."
In most games, new players take on a persona and then participate in the game. To quote from the Frequently Asked Questions document for Multi-User Dungeons, "You can walk around, chat with other characters, explore dangerous monster-infested areas, solve puzzles, and even create your very own rooms, descriptions, and items. You can also get lost or confused if you jump right in." If these games sound interesting, check out the USENET newsgroups under the hierarchy rec.games.muds or alt.mud. Read the postings there and then study the Frequently Asked Questions (FAQs) documents for "your" games.
Computer security is a major issue no matter where you go, what type of computer you use, or whether or not your computer is connected to a network. No doubt you've heard stories about break-ins on the Internet and would like to know what should concern you. You might be wondering, "Can people read my email? Can they login to my computer? Will my computer get a virus?" This section will provide some insight into security on the Internet and the answers to those questions.
First of all, you should realize that despite its military origins, the Internet is not a classified network. The ARPANET was a network research experiment, so there was a lot of collaboration, with information being transferred between machines and researchers. Collaboration is difficult if computers are locked up tight. Besides, the ARPANET was a small community, and users left their doors unlocked, just as trusting folks in small towns do. Today, the Internet is a massive cooperative with tens of thousands of networks--several orders of magnitude larger than the ARPANET--all "tied" together. And because there's still a lot of research being conducted, it's still considered an open, "sharing" network. That doesn't mean, however, that security is not an issue. Sensitive information is stored on computers on the Internet and is therefore vulnerable to attack from intruders. To further complicate matters, the Internet has spread its tentacles worldwide. Any computer directly connected to any network is potentially at risk if proper precautions are not taken.
What's not so secure about the Internet? Basically, the computers--different computers running different operating systems, each with its own characteristics, bugs, misconfigured software, and so forth. The security of each computer is the responsibility of a system administrator. When a new computer arrives at an organization, all the factory-set passwords and network configurations need to be changed; if they're not, the host will be an easy target for break-ins and outside attacks. Surprisingly, many system administrators don't bother to seal well-known security holes, or they may not know about them. Since all parts must work together to make the entire Internet secure, it's probably best to assume that things just aren't and act accordingly. If you follow a few simple rules, you'll probably be okay. Well-publicized compromises in security have happened and will continue to happen. Fortunately, when they do, lessons are learned, "holes" or weaknesses get fixed, problems are highlighted, and the Internet takes another step toward becoming more secure.
A simple multi-user role playing game in cyberspace called Multi User Dungeons (MUDs) may turn out to be the key to an entirely new approach to education. Recent Internet explorers playing MUDs saw new applications for these interactive, virtual worlds that were far from the Dungeons and Dragons and Star Trek realms of the early MUDs and their derivatives.
In an attempt to incorporate education and distance learning into the virtual environment, MIT's MicroMUSE (Multi User Simulated Environment) University laid the foundation for educational uses of a technology once viewed cynically as a time-wasting and resource-gobbling game.
Over the last two years, virtual colleges have begun to appear. Unlike traditional online, email-based distance learning classes, virtual colleges provide micro-worlds that enhance the subject matter being presented and provide environments in which students and faculty interact in real time. Typical of these new environments are DeanzaMUSE at De Anza College in Cupertino, California, and MariMUSE at Phoenix Community College in Phoenix, Arizona.
DeanzaMUSE is a precise replication of the "real" De Anza college. Students and faculty easily navigate this virtual environment based on their familiarity with the actual college. At the same time, the VR (virtual reality) campus serves as a metaphor for navigating the information resources of the Internet. For example, the DeanzaMUSE campus planetarium has specialized links to astronomical resources around the world, the Euphrat Gallery features exhibits of JPEG images drawn from a variety of sources, and the Bio-Sciences classrooms access data from similar programs at major universities and research centers. DeanzaMUSE has recently expanded to include links with local high schools, Cupertino City Hall, corporate neighbors, and several local businesses.
Phoenix College offers a credit course through its Language Arts division taught entirely on MariMUSE. Students and faculty log on to the Internet from their homes, offices, or classrooms and attend regularly scheduled classes. Depending upon the course being offered, class might be held on the deck of a Viking ship, at a street corner in New York City, or in a quiet study in sixteenth-century England. With nearly two years of experience in the newly emerging field of virtual instruction, MariMUSE instructors are doing pioneering work in the development of instructional tools and techniques.
Virtual colleges may provide an entirely new and highly cost-effective environment in which to explore education in the twenty-first century.
The press regularly reports on hackers breaking into computers and causing damage. The term hacker seems now to describe any denizen of the night or fourteen-year-old out on an electronic joyride. Actually, a more accurate term for these computer hooligans is cracker. Hacker in the computer world is a term of respect--hackers are basically nuts about computers and like to learn systems inside and out. Real hackers aren't angels, but they don't get their kicks from breaking into other systems to exploit holes and snooping in someone else's information. Most break-ins are accomplished by incredible patience and brute force. There isn't anything magical about those who do it. "Cookbook" recipes, giving step-by-step instructions on how to break into certain systems, have even been published over the network.
mudhead n. Commonly used to refer to a MUD player who sleeps, breathes, and eats MUD. Mudheads have been known to fail their degrees, drop out, etc., with the consolation, however, that they made wizard level. When encountered in person, all a mudhead will talk about is two topics: the tactic, character, or wizard that is supposedly always unfairly stopping him/her from becoming a wizard or beating a favorite MUD, and the MUD he or she is writing or going to write because all existing MUDs are so dreadful!
As a user of the Internet, you can't do much about fixing security problems if the computer you're using to access the Net is not your own. There is, however, something very important that you can and must do. You can stop an intruder in his or her tracks simply by being responsible about the password(s) you use.
Most levels of service on the Internet require some type of authentication to prove it's really you accessing the service. Most of the time, this involves a user identification and a password to allow access. Your userid is usually well known (you give it out so people can send email, for example), so the only way you can protect yourself is with a secret password. Your password is the key to the locked door of your account or your electronic mail service. Most common security problems can be prevented by simply being careful with your password.
If an "undesirable" gets your password and uses it to enter your account uninvited, worse things can happen than just your files being looked at, modified, or deleted. Crackers have been known to post articles to newsgroups or mailing lists from accounts they shouldn't be using. You may find that, without your knowledge, "you" made an insulting, politically incorrect statement that infuriated everyone who read it. No matter how many follow-up apology messages you send to rectify the situation, damage will have been done. A lot of people may not get your real message, and many who do won't believe you.
Never give anyone your password without a valid reason. When you do give it to someone so that he or she can obtain necessary information or perform an action, change the password as soon as he or she is done. If you get an account on another system, such as a public database or bulletin board, do not use the same password that you use on your local system. You have no way of knowing where it is stored or how private passwords on other systems are. Don't write your password down and leave the paper in an obvious place, such as in the desk drawer next to your computer. Some computers tell you upon login when you were last seen on that account. You should check to make sure it agrees with when you were really last logged in to that computer. If there's a discrepancy, call your system administrator.Copying the scams in which callers try to get your credit card number over the phone, some potential intruders call or send email claiming to be a system administrator. These con artists will tell you that, for various reasons, you need to change the password for your account to the one they provide you. Be careful of anyone claiming to be a system administrator. If you're not sure, get a telephone number and call back or try to see the individual in person.
An easily guessed password is one of the most common causes of security problems. If you don't know how to change your password, put it at the top of your list of things to learn. Passwords should never be based on your own name--not even your name spelled backwards. They should also not be easily guessed, such as your husband's or wife's name, girlfriend's or boyfriend's name, the dog's name, your license plate, the street where you live, your birthday--you get the picture. Passwords also should not be dictionary words. Crackers often use online dictionaries and programs to guess words by "brute force."
So what can passwords be? There's nothing left to pick, right? Well, be creative. Take your favorite saying--"Take a long walk off a short pier"--and use the first letters from each word, "TalwoasP." (It's recommended that the word be at least six characters long.) This way the password is not a word, but it's easy to remember and hard to guess. You can also combine words, such as "baby-cakes." It's also recommended to mix some numbers with the letters and throw in some punctuation for pizzazz, but never make your password all numbers.
You can't point-and-click on CompuServe to make toast in Cairo, but way out on the frontiers of Internet development, the cognoscenti are whipping up elegant hacks to do just that.
TGV, Inc., a networking software company in Santa Cruz, California, first got involved in networking home appliances at a chance meeting between then TGV Technical Support Manager Stuart Vance and Simon Hackett of the University of Adelaide. In December 1989, Stuart was in Adelaide for a networking conference, and discovered in conversation with Simon a mutual love of perverse (interesting) computer and networking applications. Simon had been developing control hardware and software for multimedia applications. They decided that it should be easy to extend control across a network, using the TCP/IP network management protocol SNMP (Simple Network Management Protocol).
Upon returning home, Stuart managed to persuade TGV management to fund Simon's development of a custom controller to interface to a Pioneer Stereo system. {geekspeak on} Pioneer components have a "remote in" jack in the back, allowing them to be controlled by TTL signaling. The custom controller Hackett developed included a 68,000-based microprocessor, a chip to generate TTL signals, and a serial interface. Engineers at TGV wrote a small IP stack for the microprocessor, and Hackett and Vance ported the Epilogue Technology SNMP agent to run on the controller. Additionally, they developed (but never quite completed) a home electronics SNMP Management Information Base for selecting input (CD, tuner, cassette deck, phonograph), volume, tuner band and frequency, and other standard stereo features. {geekspeak off} The world's first network-manageable stereo system debuted at INTEROP 90.
The stereo system project led to further collaboration between TGV and Hackett, including:
one of two independent implementations of an SNMP-manageable Sunbeam toaster;an SNMP-manageable Sony 60-disc CD jukebox; and the Interphone, a scheme for audio communication over TCP/IP.
Simon has since founded Internode Systems, a networking company in Australia, and continues to work with Stuart on connecting unconventional (and conventional) devices to the Internet.Perhaps Hackett and Vance were influenced by Stephen Wright (a comedian), who several years ago told this story: "In my house, there's this light switch that doesn't do anything. Every so often, I would flick it on and off just to check. Yesterday, I got a call from a woman in Germany. She said, 'Cut it out.'"
Can they read it? Yes, they can. That doesn't mean that there is always someone out there reading your email. With millions of people on the Internet, individual messages most likely get lost in the crowd. But you need to realize that once email leaves your system, it may sit on another computer hundreds or thousands of miles away, and you have no control over who has access to it. What if that computer has a liberal security policy, or is full of security holes? The best thing to do is to realize that your email is not going to be secure, and to avoid transmitting sensitive material, as already recommended in Chapter 3. Even if no one reads your email while it's in transit, the recipient could forward the message on to whomever he or she pleases.
It is physically possible to "tap" networks, just like tapping telephone lines. And if someone is able to do that, he or she can read anything going across those wires. But all hope is not lost-- there are ways to make your email more secure. One way is to encrypt it before it leaves your computer. Encrypt means simply that it's encoded into something that no one else can read without the proper key (the digital equivalent of a Captain Marvel decoder ring). Upon receipt, the message must be decrypted on the recipient's machine. There are no automatic mechanisms available in the Internet right now to encrypt email, but if you have the necessary software on your computer, you can do it.
An increasing number of people are interested in the privacy of their correspondence, and a number of programs and solutions are popping up to assist them. An Internet standard called Privacy Enhanced Mail(PEM) will take some of the worry out of sending "naked" email. PEM provides for, among other things, encryption and authentication services. (Authentication ensures that it's really you who's sending the message.) PEM implementations are unfortunately not in widespread use yet, but they've begun to proliferate, and may be coming soon to an email application near you. Another encryption program in use on the Internet is called Pretty Good Privacy(PGP), and it's used a lot outside the United States. If you're interested in learning more about PEM and PGP, check the "Security" section in the Appendix.
Copyright © 1994 by Tracy LaQuey and Editorial Inc.