BBC Home
Explore the BBC
BBC News
Launch consoleBBC NEWS CHANNEL
Last Updated: Monday, 24 October 2005, 09:14 GMT 10:14 UK
Keeping net users safe from harm
As another web safety campaign launches this week, technology analyst Bill Thompson wonders if it can make a difference.

Two girls on a computer
Children safety groups are involved in the initiative
It is time to "get safe online", at least according to the latest government-backed internet safety campaign.

Or rather, it will be very shortly, since at the moment the campaign website consists of a single page announcing "a joint government and private sector initiative aimed at helping consumers and small businesses to use the internet safely".

But it will surely be an exciting, compelling and informative multimedia experience once it goes live.

The idea, as with so many other campaigns, is to persuade computer users in homes and small businesses to understand online threats better and to help them figure out what to do to protect themselves.

It is depressing to think that there are still people out there who connect their Windows computers to the net without a firewall, anti-spyware program and up-to-date anti-virus services in place, but this is clearly so.

Even Mac and Linux users, smug though they can sometimes get, need to understand security issues, apply patches and protect themselves from the public network with a firewall.

And it can only be a matter of time before we hear about the first virus or worm for the PlayStation Portable, since it comes with wireless internet built-in.

Corporate support

The lead body behind Get Safe Online is the National Hi-Tech Crime Unit, which has quite an impressive track record when it comes to promoting security awareness in the business world. They have been working on it for nine months under the codename Project Endurance, but now it is ready to go live, with support from companies including BT, HSBC, eBay and Microsoft.

Bill Thompson
It will be interesting to see if my dad, a silver surfer with almost no awareness of the damage that malware could do to his computer, hears about the campaign and asks me about it
They have also tried to pull in the children's safety campaigners, and I know that Childnet International is playing a part because my daughter is on their children's panel and has reviewed some of the material, though I have not seen it myself.

Microsoft, eBay and the banks are not spending their money just out of a sense of duty, though. The campaign is partly motivated by fear on the part of online retailers and internet providers, who have noticed that people are getting increasingly nervous about shopping and banking online.

They hope that an educational campaign will counter this trend and reassure those who currently stay offline because they are worried.

I am in favour of attempts to raise awareness, especially since the spammers and phishers work hard to get under our defences. I am already receiving spam offering to sell me Tamiflu without prescription, and I am pretty sure that if I bought some my credit card details would be "borrowed" for other purposes.

But I also think that the software companies, internet providers, computer manufacturers, website designers and e-commerce sites are really to blame, because they have built a network which is fundamentally insecure and open to fraud, theft and abuse. Making the users do all the work is adding insult to injury.

However we have to work with what we have got, and changing the internet is a long-term project.

In the meantime, better education is a good start, although I doubt that we will find a section on this corporately-funded site that explains why modern software is so full of bugs and how the software companies manage to sidestep any liability for the damage that might be caused by it.

It will be interesting to see if my dad, a silver surfer with almost no awareness of the damage that malware could do to his computer, hears about the campaign and asks me about it.

Unfortunately all the good work done by the campaign could be undermined by a rather disturbing court case which concluded recently.

Conflicting advice?

Earlier this month Londoner Daniel Cuthbert was fined under the Computer Misuse Act for doing what almost every website advises, checking to see whether the company he was dealing with online really were who they claimed to be.

After he had made a donation to a website raising funds to help victims of the Asian tsunami, he noticed that he did not receive a confirmation message, and became concerned that he had fallen victim to a phishing scam and had revealed his credit card details.

Mr Cuthbert went a bit further than most because he is a security consultant, but he did not hack into anyone's servers or damage anyone's data. He probed the server using some fairly standard network security tools in order to check it out.

He was satisfied, and reckoned that the server had simply failed to operate properly because he was not using Windows and Internet Explorer.

Unfortunately the systems administrators noticed his probe and panicked, thinking they were being hacked into. As a result he was raided and arrested, and eventually convicted under the Computer Misuse Act.

The Act, which was passed in 1990, makes it an offence to alter a computer without permission, but it is so vague about what counts as a computer and what counts as altering that, it could be used to prosecute someone who set your video to record a programme without asking first.

In this case it seems to me that it has been used to make a criminal out of someone who seems to have been simply following the advice given on the government's trading standards website, where it tells you to "look for information about the protection the company has put in place".

If those who have the technical skill to take this advice seriously are going to end up being prosecuted this can only undermine the message coming from the new safety campaign.

Perhaps the Hi-tech Crime Unit should be talking to the politicians about sorting out the law so that they can avoid this sort of foolishness in future.

Bill Thompson is a regular commentator on the BBC World Service programme Go Digital

The BBC is not responsible for the content of external internet sites


Americas Africa Europe Middle East South Asia Asia Pacific