(2 of 2)
THE HOLE IN THE WEB: The latest vulnerability to come to light is a flaw in the World Wide Web-the fast-growing zone within the Internet where thousands of businesses are setting up shop. According to an advisory issued on the Internet last week by a programmer in Germany, there is a "hole" in the software that runs most Websites. This entry point allows an intruder to do anything the owners of the site can do. According to Cheswick, most of the Websites were using software that puts them at risk.
Underscoring the pitfalls for businesses, investigators say that one of Mitnick's computer files contained 20,000 credit-card numbers of subscribers to Netcom, an Internet-access provider based in San Jose, California. According to Emmanuel Goldstein, publisher of 2600: The Hacker Quarterly, his readers have known for months that Netcom's credit files were stored out in the open, easily accessible from the Internet. Why weren't those files off-line, or at least encrypted? Netcom officials won't comment.
So what will make the Internet safe from hackers? Avoiding obvious security flaws like Netcom's would be a start. Another would be to adopt more sophisticated password systems, like the calculator-size "dongle" that researchers at Bell Labs carry around to generate new passwords for each Internet session. The ultimate solution, experts say, would be to encrypt all communications between computers. But that could eat up valuable computer-processing time, make the networks less friendly and add minutes to every online task. And who, besides Kevin Mitnick, has any time to spare these days?