The most important thing to do in a crisis is to keep your cool. It's also the most difficult thing to do, and some of us aren't doing very well after the attacks in Washington and New York. Much of the stress comes from the misinformation that's circulating. Bad data rarely leads to good decision-making.
Misinformation is leading other stressed-out people in Washington to support bad legislation. For example, US Attorney General John Ashcroft is calling for legislation allowing law enforcement to tap the calls of people who may be switching telephones. And obscured in the cries for a new wiretap law is the fact that we already have one to cover just that situation. It's probable that Congress will discuss rescinding our newly confirmed rights to use decent encryption technology.
I'm concerned that Congress is going to ban encryption technology that lacks a government-approved back door. That is the worst possible thing that could happen for the future of e-commerce because then we have no guarantee that transactions will be secure. Do we need more outlaws than we currently have?
I'm also concerned about the use of government-sponsored tools such as Carnivore and Echelon. They are certainly necessary given the current alert, but what happens after the crisis subsides?
In America we have a track record of discarding civil liberties in the name of national security, and it's time we changed that. We can give up our penknives, nail clippers, and screwdrivers before boarding an airliner. We can't give up essential rights to privacy and security, even though our officials seem ready to do so. There's a big difference between being alert and being jumpy. I think we're still jumpy and we're making some bad decisions.
I'm writing this column the week the Nimda worm sprang up, and frankly, it feels like déjà vu all over again. Most of you can guess what I have to say, but I'll hit the high points for you again.
Don't open strange attachments or attachments from strangers. My mum knows not to double-click on an attachment called read.exe -- any users who still don't understand this are asking for a pink slip.
Patch your servers religiously, even if upper management objects to the downtime. The Nimda worm doesn't use just one exploit; it tries 16 known security holes. Know your systems' normal behaviour and watch for spikes in network traffic or resource use that may signify an attack.
Remote workers and telecommuters should use personal firewall hardware and software at all times. Always-on connections are subject to always-on attack, but dial-up users aren't immune.
Corporate firewalls should use egress and ingress filtering to block traffic using spoofed IP addresses. Router vendors should enable this by default in future OS releases.
PJ Connolly covers groupware, messaging, networking, and security for the InfoWorld US Test Center.