In the past year, Richard Smith, Phar Lap Software CEO turned security guru, has uncovered what appear to be privacy breaches in the practices of RealNetworks, Amazon and DoubleClick. Last September, Smith retired from Phar Lap to focus on Net security and privacy issues. PC World spoke to Smith to uncover his views on Internet privacy, where it is going, and what you can do to protect yourself.
PCW: You've become the unofficial guru of Internet security. How did this happen?
Smith: My interest in privacy really started with the flap about the Pentium III serial number [in January 1999]. I ended up looking at the use of Ethernet address tracking numbers and was surprised at how often they were being used as GUIDs. They're almost like a Social Security number for your computer. The number itself doesn't say who you are, but the fact that it goes into databases all over the Web is depressing.
PCW: What, in your opinion, is the biggest threat to consumers on the Net?
Smith: As you surf the Web, sites across the board are watching what you do, creating profiles, learning all about you. I'm concerned that all of this data is going to be combined in one big database . . . The biggest problem is that a lot of tracking is not disclosed . . . Companies like DoubleClick . . . [are] getting a lot of information that's frankly none of their business.
PCW: What advice would you give wary Netizens today?
Smith: The main thing is: computers, like elephants, never forget. Be careful what information you provide Web sites . . . If you're registering your toaster, there's no need to tell them your yearly income. Be careful what you say in newsgroups. You can write something today, and three years later really regret it. Remember, the Net is still new. It's like a 12-year-old kid, still trying to find its way. A lot of issues - like hacking, privacy, and security - will get worked out over the next five years