http://www.wired.com/news/culture/0,1284,42923,00.html
by Michelle Delio
2:00 a.m. Apr. 14, 2001 PDT
Technical ignorance is an excuse used by too many parents and teachers
in their failure to teach kids cyberethics, computer security
consultant Winn Schwartau says.
So Schwartau wrote a book, Internet and Computer Ethics for Kids, to
educate both computer-savvy youngsters and technically challenged
adults.
Schwartau has been honored for his security work by heads of
governments and the military in the United States and Europe, and has
written or contributed to a dozen well-regarded books on computer and
Internet security.
But some educators and security consultants aren't thrilled with
Internet and Computer Ethics for Kids.
Schwartau hangs around with hackers, and that troubles some people.
Others fret over the fact that his book doesn't present all forms of
hacking as illegal or unethical, or -- for that matter -- doesn't
state that any particular activity is strictly right or wrong.
Schwartau said he deliberately avoided sermonizing in his book,
wanting instead to help kids create their own code of ethics.
"Kids do not need or want to be preached to by me or by anyone,"
Schwartau said. "They want to grow and think and make a few mistakes
along the way. Didn't we?"
He believes that presenting kids with the unadorned facts is far more
effective than simply telling them what they ought and ought not to
do.
"Parents have to work with their kids as a team," Schwartau said. "It
takes time, yes. It takes love, yes. And it takes flexible cooperation
-- not absolutes. The Net is not static, ethics are bendable and
parents must be bendable too."
Some kids agree.
"No one my age wants some adult to tell you that their way is the only
way to do things," said Jason Mollin, 15, a student at New York's
Brooklyn Technical High School.
"It's like drug education -- teachers tell you not to do any drugs,
but drinking is totally sanctioned by society. What's up with that?"
Mollin continued. "When old people start preaching at you, you can
almost always find some hypocrisies or bullshit in what they say, and
that just makes you want to go right ahead and do whatever they told
you not to do."
But some adults feel that Schwartau should have defined and delineated
cyberethics more clearly in his book.
Schwartau's longtime friend Mitch Kabay, of security firm Atomic
Tangerine and a contributor to the book, said that he doesn't like the
book because it is too "ethically neutral."
Others wonder whether Schwartau, who coordinates the raucous "Hacker
Jeopardy" game at DefCon -- the world's largest hacker conference --
is the right person to write a book about cyberethics.
"Should someone who consorts with computer criminals be advising our
kids about computer crime?" wondered psychologist Amy Lepen, a
Manhattan psychologist who works with children who have been involved
with the legal system.
(Lepen has only read excerpts from Schwartau's book, which will be
published in May.)
Schwartau is no stranger to controversy.
His first book, The Complete Internet Business Toolkit, written with
Chris Goggans, the editor of hacker magazine Phrack, was banned from
export out of the United States because of its frank discussion of
encryption.
Internet and Computer Ethics for Kids includes chapters on hacking,
passwords, phreaking, privacy, viruses, spam, software piracy, online
stalking, pornography, plagiarism and hacktivism.
Schwartau provides a legal section for each chapter, intended to serve
as a guideline to help adults and kids decide "what is black and white
as far as the law is concerned," but confines his discussion of do's
and don'ts to a discussion of the situations that a kid might find
him- or herself in.
Often the presented situations have no rigid right or wrong answer,
but Schwartau still manages to make a strong case for being kind,
respectful, and honorable, without ruling out the occasional
exploration into the depths of a computer system.
"Hacking and cyber-ethics need not be in conflict," said Jeff Moss,
founder of DefCon and BlackHat, a computer security service.
"You can be a hacker and be ethical at the same time."
Schwartau said he first began thinking about writing a computer ethics
book for kids in 1992 when he realized he had inadvertently taught his
daughter how to hack passwords during their father-daughter trips to
the local Office Depot store.
"I guess I was at fault with my daughter.... We'd go play with
computers at Office Depot or wherever, and I'd get frustrated because
of the passwords the store used to keep people like me and my daughter
from really using the machines. So, yeah, I guess, I hacked into
them," he said.
"However, I also told her 'don't ever hurt the computers, because
that's not fair or right.'"
But a few years later, when he discovered his youngest son was hacking
into the neighbors' computers, Schwartau decided to put all of his
current projects on hold to write the book.
"My son somehow discovered that hacking is a people issue, and that is
how he gathered up the neighbor's passwords, by 'shoulder surfing' -
looking over their shoulders as they typed in their passwords, a
classic social engineering trick," Schwartau said.
Schwartau said that he pretended to call the FBI when he found out
what his son was doing.
"And my son was terrified. So I said 'Well, I guess I could help you
fix it if you promise never to do this again.' I made him go to the
neighbors, tell them what he had done and also what they needed to do
to make themselves more secure," Schwartau said.
"He got a lesson for life in cyberethics. And I realized that schools
don't teach this. And 99.9 percent of parents can't teach this. So I
wrote a book about it."
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Mon Apr 16 04:47 CDT 2001