WAP challenges security experts

While it probably will not go mainstream this year, the wireless application protocol (WAP), which allows devices like mobile phones or the Psion and Palm Pilot personal organisers to access the Internet, is expected to be a big growth business starting in 2001.

At least, that is what cryptographers and other computer security specialists think. They have to look at trends well in advance to start figuring out how to keep safe the information sent over networks.

This week, Internet access over wireless communications was the hot topic of the RSA Conference in San Jose, the largest annual gathering of security specialists in the world.

Wireless is expected to be so central in the future that it will help drive the widespread adoption of cryptography - the encoding of information sent over digital networks - according to leading security analyst Joe Pescatore of technology industry analysts Gartner Group.

"There's a lot of reasons why wireless will spur crypto," he said. Primary among them is a predicted explosion of wireless access to the Internet, coupled with "a general feeling that the airways aren't safe" for the transmission of information. Most analysts are betting that wireless Net access will translate into e-commerce via simple wireless devices as well.

Gartner is predicting that 40 per cent of business-to-business electronic commerce transactions outside of the US will be by wireless by 2004, for example, creating "user pull" for cryptographic security solutions.

The emphasis on wireless has meant that Europe has had a much higher profile in the usually US-centric discussions on cryptography and security. For example, Finland has featured in several conference sessions, simply because the Finns have a higher level of mobile phone penetration per capita than anywhere else.

They are already using their mobiles for Net access, simple transactions, payments and other uses under discussion here. But US attendees seemed more comfortable thinking of wireless in terms of the Palm Pilot, the popular, thin electronic organiser.

However users access the Internet, the sheer number of users, and the resultant growth in the complexity of computer networks and even basic software such as Internet browsers, mean new opportunities for hackers.

For many security experts, such as author and chief technical officer of Counterpane Internet Security, Mr Bruce Schneier, "Complexity is the worst enemy of security. Unfortunately, the future of the Internet, of our digital systems, is complexity," he said. As a result, computer experts can no longer test systems for all the possible ways in which they might be broken into, he said.

Throughout the conference, panels of some of the best known names in computer security expressed scepticism about software solutions to the problem. Many felt software designed to address the problem only added complexity and further opportunities for hackers.

For example, one panellist noted that there were 100 "trusted certificates" in Windows 2000, Microsoft's business operating system due for release next month.

The certificates, used to guarantee the identity of a computer user and attest to the reliability of data sent over a network, actually offer 100 new ways to crack into a system, said another panellist, a hacker known only as Mudge.

"The best cryptography in the world is still vulnerable to attack," noted Dr Peter Neumann of SRI International, an author and the moderator of the well-known Risks computer discussion forum.

Little comfort was offered by Randy Nichols, president of Comsec Security and a lecturer on cryptography and security at George Washington University in Washington DC.

"In the 21st century we can expect that virtually all fraud against property will be perpetrated by computer means," he said.

"Just about anywhere that we centralise information is an opportunity" for hackers.

He offered a profile of the typical cybercriminal as: male, white and 19 to 30 years old, with no prior record; he identifies with technology rather than his employer; he is bright, self-confident and accepts challenges, but feels exploited by his employer; he is often under financial pressures or receives less pay than his peers; according to statistics, he is trying to impress a woman or a gay partner; his challenge is to beat the system at any personal cost.

And finally, noted Mr Nichols, cyber-criminality remains a guy thing. "Worldwide, not one single female has been charged with a felony committed with a computer," he said.

klillington@irish-times.ie