Openness vs. security Q&A: Steer clear of unsolicited e-mail

Q: I have read that among the biggest computer security threats are the networks of infected computers that send unsolicited e-mail. Evidently, those machines are often infected when the user receives an e-mail, and clicks a link within that e-mail. The link leads to a site that infects the user's computer with software that turns the machine into a zombie.

I receive a lot of unwanted e-mail, and I am very good about not clicking links in e-mail that have questionable provenance. But I would like to opt out and try to reduce the amount that I get. However, my fear is that these opt-out links are just a ploy to get you to a site that will infect your machine. Is that a strong possibility? Should I bother with these opt-out links, or does the potential for harm outweigh the possibility that I will actually receive less unsolicited e-mail? By the way, I do use anti-virus software on my computer and keep it current.

— Michael Gibbons, Bellevue

A: As a general rule, if you're being offered the chance to opt out of something you never opted in for, don't. If the proffered opt-out is via e-mail, it's probably from a spammer and your "opt out" message simply confirms to the spammer that your address is a good one. If that's the case, you'll end up with more, not less, unsolicited mail.

And, yes, if the supposed opt out is via a link that takes you to a Web site, you could well be exposing yourself to malicious software. It's good that you're running anti-virus software, but even up-to-date anti-virus software can be a step behind. That's why it's important to develop and stick to good Internet habits.

Q: I was wondering why we as a nation have to constantly put up with hackers from all over the world? Why don't we have a separate United States Internet? I am sure that wouldn't resolve the whole problem, but I am sure it would reduce it by magnitudes. If that bothers the pundits who champion an open Internet for everyone to use, let them keep the existing one. Then it would be optional for me to sign on to the existing one or just the U.S. one, where I would be 99 percent of the time. I suppose the military and the government could do the same.

— Forrest E. Butler, Kingston

A: If only it were that simple. Fact is, there are both technological and political hurdles to securing the Internet.

First, it's important to understand that the Internet is actually a network of computers running on both public and private communications channels and employing the TCP/IP software protocol for data communications. So when you propose a "separate United States Internet," do you mean that we should have our own isolated network hardware, software or both?

It would be pretty difficult to isolate the hardware, since Internet transmissions take place not only over land lines, but also via wireless and satellite transmissions, and these channels of communications are used for other purposes as well, including telephone and television transmissions.

Constructing a separate physical network for a U.S. Internet would not only be very, very expensive, but it would isolate us in some undesirable ways from the rest of the world. At the same time, there's nothing to keep hackers inside or outside the country from tapping into our "separate" network.

A more feasible solution is to develop "unhackable" software for managing data communications on the existing infrastructure. In fact, researchers have developed protocols and encryption techniques for secure communications that are very difficult for hackers to crack.

No, these techniques are not 100 percent secure, and they are in most cases either expensive or awkward for consumers to implement. So they are used primarily by government, financial institutions and other corporations.

Some experts have proposed restructuring the architecture of the Internet to make it easier to track activity as a way to deter hackers. Such proposals, however, are often criticized by those concerned with privacy rights.

As with most other public forums, in short, the Internet involves a lot of political trade-offs. The more public and accessible the Internet is, the more vulnerable it tends to be. And the more secure networks on the Internet are made, the more isolated those networks become.

Questions for Patrick Marshall may be sent by e-mail to pmarshall@seattletimes.com or pgmarshall@pgmarshall.net, or by mail at Q&A/Technology, The Seattle Times, P.O. Box 70, Seattle, WA 98111. More columns at www.seattletimes.com/

columnists.