- Email: [email protected]
Book review: Cipher systems
-
10
-
The book also takes a look at Local Area Networks and the implications for security. In summary we would say that this book is very useful for both the large and small user of mini computers and for that reason is highly recommended.
CONVICTS TRAINING SCHEME STOPPED
The 650 convicts who trained in computer programming under the sponsorship of Honeywell, will be disappointed to hear that the era is over. Sixteen years ago, Honeywell set up the scheme for convicts to train in computer technology. The prime site was the Framlingham Prison just outside Boston. Awards were won for the courageous scheme but its merits were always open to debate. Some people, of course, said that training convicted thieves and robbers in computing was like teaching Dracula to suck blood with a 10 Horse Power pump rather than manually. Others said it provided a useful job-catching skill and gave convicts the chance to get back into society. Which view you take will depend to a great extent on your own background, experience and your views of society generally. Whatever a person's philosophical position might be, the Framlington training was rudely interrupted when, about a year ago, the prison's computer centre was raided by the cops and a number of trainee programmers taken quickly to the slammer. It transpired that they had been running a company called CON PUTER SYSTEMS as a partnership and were suspected of collecting money for their private bureau work. It was also alleged that they had been running an illegal gambling and narcotics service: all automated with state support. Last month, in the Middlesex County Superior Court, five of the prisoners, who had been charged with tax evasion on their undisclosed earnings, were acquitted on the grounds that the prosecution failed to produce the "exculpatory evidence" for the defence. What this seems to mean, is that the prosecution did not provide the accused with evidence which would have assisted in their defence.
BOOK REVIEW: CIPHER SYSTEMS
Cipher Systems, by Henry Beker & Professor Fred Piper. Published by Northwood Books, Northwood House, 93-99 Goswell Road, London EClV 7QA; Tel: 01-253 9355, price E14.95 (paperback), E27.95 (hardback). The book starts off with a good review of the subject matter and explains the approach adopted by the authors, something which is sadly lacking in most technical publications. The general attitude adopted is "that things are as bad as possible" and this gives the reader a picture of the worst possible situation, and a touch of the fighteners. Each chapter is introduced separately and explained at a level whereby it should be possible for most people concerned with One can then security or auditing a computer system to comprehend. read on slowly getting more involved in detail until the end of the chapter, where you are presented with exercises to test your understanding of the topic.
Volume 5 Number 7
-
11 -
As the book assumes "the worst", no commercial cost analysis is provided and such a judgement would have to be entirely at the discretion of the reader, depending on the application. The readership of this bulletin would probably be more interested in the chapter on Applying Cipher Systems which amongst these topics describes key management and EFT systems. The section on key management describes most current systems and how they operate but unfortunately the reader is not able to easily extract the pro's and con's of the alternatives listed. Also this list assumes, again, a worst case situation and does not list less severe alternatives which would be relevant in most cases. In respect of EFT the book concentrates on Point of Sale and Cash Card technology but does not touch on interbank EFT systems or other commercial systems that require authentication to establish liability.
COMPUTER SEMINAR
CRIME
Department of Trade and Department of Industry in the UK is organising a special seminar to coincide with a meeting of the OECD Working Party on Computer Security. Subscribers to the Bulletin will be recieving a special invitation to attend what promises to be a unique event. It will give delegates the chance to put their views directly to the OECD representatives who will be speaking and attending the seminar. For the first time in at least 4 years, the British Police Fraud Squad is allowing one of its senior members to speak. This is a refreshing change and should open up the way to much interesting discussion. Not least of all, because the Police representative was recently reported (in an edition of 'Computing') as having said "Many companies use private consultants to investigate possible computer frauds. These consultants find the perpetrator and try to secure the system. They can only get lasting results by reporting to us. These investigators have good reason to frighten people about the vulnerability of their computers. There is money to be made". A number of these consultants, including Ken Wong of BIS (and the Editor) will be keen to see what justification the Police Officer has for this view. The article continued to outline some of the cases handled by the Fraud Squad and makes some good points about the difficulty of prosecuting computer fraud. The idea that the problem of "computer fraud" is exaggerated is possibly true, in some cases, and there are certainly some scare stories about. But it is difficult to be convinced that fraud committed in a computer environment is a not a problem when you are involved in currently handling; one fraud of $25 million another of approximately El1 million two 'technical cases' amounting to over E3 million an out and out computer fraud of E500 000 plus a number of smaller cases involving games playing and computer freaking. Only two of these cases are, or will be, in Police hands and in both of these the computer aspects are not being featured.
10
-
The book also takes a look at Local Area Networks and the implications for security. In summary we would say that this book is very useful for both the large and small user of mini computers and for that reason is highly recommended.
CONVICTS TRAINING SCHEME STOPPED
The 650 convicts who trained in computer programming under the sponsorship of Honeywell, will be disappointed to hear that the era is over. Sixteen years ago, Honeywell set up the scheme for convicts to train in computer technology. The prime site was the Framlingham Prison just outside Boston. Awards were won for the courageous scheme but its merits were always open to debate. Some people, of course, said that training convicted thieves and robbers in computing was like teaching Dracula to suck blood with a 10 Horse Power pump rather than manually. Others said it provided a useful job-catching skill and gave convicts the chance to get back into society. Which view you take will depend to a great extent on your own background, experience and your views of society generally. Whatever a person's philosophical position might be, the Framlington training was rudely interrupted when, about a year ago, the prison's computer centre was raided by the cops and a number of trainee programmers taken quickly to the slammer. It transpired that they had been running a company called CON PUTER SYSTEMS as a partnership and were suspected of collecting money for their private bureau work. It was also alleged that they had been running an illegal gambling and narcotics service: all automated with state support. Last month, in the Middlesex County Superior Court, five of the prisoners, who had been charged with tax evasion on their undisclosed earnings, were acquitted on the grounds that the prosecution failed to produce the "exculpatory evidence" for the defence. What this seems to mean, is that the prosecution did not provide the accused with evidence which would have assisted in their defence.
BOOK REVIEW: CIPHER SYSTEMS
Cipher Systems, by Henry Beker & Professor Fred Piper. Published by Northwood Books, Northwood House, 93-99 Goswell Road, London EClV 7QA; Tel: 01-253 9355, price E14.95 (paperback), E27.95 (hardback). The book starts off with a good review of the subject matter and explains the approach adopted by the authors, something which is sadly lacking in most technical publications. The general attitude adopted is "that things are as bad as possible" and this gives the reader a picture of the worst possible situation, and a touch of the fighteners. Each chapter is introduced separately and explained at a level whereby it should be possible for most people concerned with One can then security or auditing a computer system to comprehend. read on slowly getting more involved in detail until the end of the chapter, where you are presented with exercises to test your understanding of the topic.
Volume 5 Number 7
-
11 -
As the book assumes "the worst", no commercial cost analysis is provided and such a judgement would have to be entirely at the discretion of the reader, depending on the application. The readership of this bulletin would probably be more interested in the chapter on Applying Cipher Systems which amongst these topics describes key management and EFT systems. The section on key management describes most current systems and how they operate but unfortunately the reader is not able to easily extract the pro's and con's of the alternatives listed. Also this list assumes, again, a worst case situation and does not list less severe alternatives which would be relevant in most cases. In respect of EFT the book concentrates on Point of Sale and Cash Card technology but does not touch on interbank EFT systems or other commercial systems that require authentication to establish liability.
COMPUTER SEMINAR
CRIME
Department of Trade and Department of Industry in the UK is organising a special seminar to coincide with a meeting of the OECD Working Party on Computer Security. Subscribers to the Bulletin will be recieving a special invitation to attend what promises to be a unique event. It will give delegates the chance to put their views directly to the OECD representatives who will be speaking and attending the seminar. For the first time in at least 4 years, the British Police Fraud Squad is allowing one of its senior members to speak. This is a refreshing change and should open up the way to much interesting discussion. Not least of all, because the Police representative was recently reported (in an edition of 'Computing') as having said "Many companies use private consultants to investigate possible computer frauds. These consultants find the perpetrator and try to secure the system. They can only get lasting results by reporting to us. These investigators have good reason to frighten people about the vulnerability of their computers. There is money to be made". A number of these consultants, including Ken Wong of BIS (and the Editor) will be keen to see what justification the Police Officer has for this view. The article continued to outline some of the cases handled by the Fraud Squad and makes some good points about the difficulty of prosecuting computer fraud. The idea that the problem of "computer fraud" is exaggerated is possibly true, in some cases, and there are certainly some scare stories about. But it is difficult to be convinced that fraud committed in a computer environment is a not a problem when you are involved in currently handling; one fraud of $25 million another of approximately El1 million two 'technical cases' amounting to over E3 million an out and out computer fraud of E500 000 plus a number of smaller cases involving games playing and computer freaking. Only two of these cases are, or will be, in Police hands and in both of these the computer aspects are not being featured.