Hacker's Delight

By Chris Taylor

I know what gadget I want for my birthday this year. It's the same thing I've lusted after for a couple of birthdays now, and I'd trade in all the socks, ties and humorous cards about aging if only I could have it. Unfortunately, I can't, because it's a cable modem--which lets you traverse the Net at about 20 times the speed of a 56K modem--and cable-modem service is very spotty right now. In Manhattan, for example, I'd have to live between 59th and 67th Street, or in the ultra-hip East Village. Service will arrive in my slightly less hip corner of the West Village in fall 2000, which is way too late to help with my dream of downloading every last music track on MP3.com

The other bad news on cable modems--and this is why I'm a little mollified that I can't have one yet--is that they're more vulnerable to hacker attacks than regular set-ups. You see, one of the strengths of surfing via cable is that you're online 24 hours a day and don't have to disconnect every time you want to order Chinese food. But that can also be a weakness, because your IP address (the ZIP code of the Internet) doesn't change. Dial-up users like me who are still crawling along at 56K get moved to a different IP address every time we log on. We may be slower, but we're harder to find.

Hackers like an easy target, and computers hooked up to cable modems are potentially the lowest-hanging fruit of all. Especially if they're running Windows. For reasons known only to itself, Microsoft makes its operating system default to friendly mode, entirely open to network sharing. This means when you hook your brand-new PC up to your brand-new cable modem, you unwittingly become a node on a massive network whose members can come and look around your hard drive, perhaps download your financial records.

But the most common attack reported by hacker watchers makes use of a Trojan horse. These are programs with bizarre names like Back Orifice or Net Bus that can be hidden in an e-mail attachment--say, one of those animated birthday cards people seem to like e-mailing. Once you open it, you've installed the software--and the wily hacker has remote control of your PC.

To be sure, dial-up users get hit by Trojans too. But all the extra bandwidth provided by cable modems makes hackers salivate. If you've hooked up a microphone, the remote-access hacker can listen to your conversations in real-time. If you own one of those little monitor-top video cameras, he can watch you like Big Brother.

Now here's the good news. Such attacks are still rare; they can easily be detected; and all it takes to prevent them is common sense. Turn off file sharing in your network control panel. Add password protection to your most precious files. And for goodness' sake, don't ever, ever open an e-mail attachment from someone you don't know and trust like family.

The even better news is that cable-modem providers like Road Runner (partly owned by Time Warner, parent company of this magazine) and Excite@Home are working on bigger and better firewalls to help stop snooping. Since they're twice as fast as DSL phone lines, cable modems are worth the risk. They will never be hackproof, but they should be a lot safer by the time my next birthday rolls around. This year, I'll have to settle for socks again.

For more on cable modems and how to protect them, see timedigital.com Questions for Chris? E-mail him at [email protected]