Try digitalPLUS for 10 days for only $0.99

Readers Respond

News Opinion Readers Respond

Security is found off-line

More than a decade ago, I ordered a book from a publisher specializing in technical books. I then received notice that my credit card information, along with hundreds of others, had been compromised by an Internet hacker who had penetrated the publisher's computer files.

Yet I had placed my order by phone. There was no need to involve my order with the Internet.

From this, I learned a lesson not yet learned by many: Sensitive information should not be stored on any computer connected to the Internet, directly or indirectly. Any corporation of any size needs to have an intranet not connected to the outside world. This single step would have preserved my information, and the plans of the F35 fighter, and the security of the Iranian nuclear centrifuges. So how is Internet-based business and communication to be handled? There are multiple solutions.

My father (a career U.S. Army officer) told me that there was no such thing as perfect security. The objective is to make finding your secrets very difficult and very expensive, in the hope that some of them at least would be preserved. But security measures are themselves inconvenient, difficult and expensive. They are the price of doing business in a wired world.

A first step is to adopt less popular and therefore inherently more secure systems software. This means Linux instead of Windows, Apache instead of IIS. No one ever hacks my computer or plants a virus in it. And I have no anti-virus software.

Or a custom set of operating system and Internet host software could be developed and kept secret for use only by certain government offices. A merchant doing business via the Internet could set up a system whereby every order is immediately printed out in a standard format. As soon as the order data was in queue for the printer, the original data would be deleted. The printed orders would then be scanned into a scanner attached to the local intranet. An OCR program would translate them back into a data file. This system is a bit awkward but it is near 100 percent safe from hacking via the Internet. A hacker would have to intercept every order as it was completed. And the internal delay is minor.

An aerospace company could and should store all its blueprints and other classified data on a local intranet. If any of them needed to be shipped to another branch, another company or the DOD, paper or microfilm copies could be shipped via the U.S. Postal Service or by private courier.

There is always the human element. Those who have access to secret material could always compromise that material. This means that the eagerness of NSA and others to get the brightest young minds needs to be tempered by security concerns. And large organizations need not a single intranet but several, sealed off from each other.

Communications to and from field installations of the military and the U.S. State Department could be accomplished by courier pouch. Electronic means should be reserved for true "flash" messages in times of crisis.

Security is everybody's business. Abandoning the great convenience of the Internet to a degree is the price we must pay.

John Culleton, Eldersburg

Copyright © 2015, The Baltimore Sun
Related Content
  • Reining in the surveillance state

    Reining in the surveillance state

    In a sign that the possibility of bipartisan cooperation in Congress is not completely dead, lawmakers on both sides of the aisle have moved closer to a consensus on modifying the U.S. Patriot Act, which authorizes the government's secret spying program targeting the private phone calls and email...

  • Spying forever

    Spying forever

    Ever since former National Security Agency contractor Edward Snowden's revelations last year that the NSA was collecting information on the phone calls and emails of millions of U.S. citizens without their knowledge or consent, lawmakers have been assuring the public they will act to amend the...

  • Intelligence reform bill is important to safeguarding our security and privacy

    Intelligence reform bill is important to safeguarding our security and privacy

    A recent Baltimore Sun editorial described legislation to reform the government's collection of Americans' phone and email data as a sign that "bipartisan cooperation in Congress is not completely dead" ("Reining in the surveillance state," May 5). We'd like to remind The Sun that similar legislation...

  • Unaccountable intelligence agencies [Letter]

    Unaccountable intelligence agencies [Letter]

    Attorney and former CIA officer Matthew Ferraro contends that U.S. intelligence agencies operate within "strict legal controls under the review of lawyers embedded at all levels, inspectors general, courts and Congress" ("The Snowden stigma," June 9).

  • Intelligence community has only itself to blame [Letter]

    Intelligence community has only itself to blame [Letter]

    Again, we have the "blame the media" scenario ("The Snowden stigma," June 9). A former intelligence officer tries awfully hard to make this point: "Edward Snowden's leaks and their media coverage have unfairly maligned the intelligence industry." But blaming the media for reporting the unprofessional,...

  • Snowden didn't call himself a hero but he's acted like one [Letter]

    Snowden didn't call himself a hero but he's acted like one [Letter]

    I was surprised by your editorial on the NBC interview with Edward Snowden ("Snowden speaks," May 29).