Tim May wrote:
On Sunday, May 26, 2002, at 10:07 AM, John Young wrote:
Thomas Friedman in the New York Times today:
For example, in another place:
"The question `How can this technology be used against me?' is now a real R-and-D issue for companies, where in the past it wasn't really even being asked," said Jim Hornthal, a former vice chairman of Travelocity.com. "People here always thought the enemy was Microsoft, not Mohamed Atta.""
No, the reason companies deployed crypto was not because they feared Microsoft would read their mail, but because they feared hackers, terrorists, thieves would read their mail.
As for worrying about terrorism, many corporate headquarters have anti-truckbomb measures in place. In front of the Noyce Building in Santa Clara, Intel's high-rise headquarters building, there are extensive barriers and other measures to prevent a truck bomb from being driven into the main lobby and detonated. These have been there for most of the past decade; security was not an afterthought resulting from 9/11.
Exactly I can't imagine that any large US company that operated abroad - which is effectively all of big ones - didn't think about the same sort of thing. My ex-employers did business in a number of African and middle-eastern countries, some of them in a state of civil war, and had planned responses to kidnapping or murder of employees or their families, and to armed attack on company buildings, so physical security had always been on the agenda. If any of them were complacent about security in the USA itself, they would surely have been shaken out of it in the 1960s if not before. (Hey, didn't you guys use to have bank robbers? And what about the days when payrolls really were rolls of paper money?). Anyway, after abortion clinic bombings in the 1990s, and the Atlanta Olympic & Oklahoma bombings and Seattle protests surely no corporation the USA could have been naive enough to think that they were immune to politcal violence? The US company I used to work for in London had it's buildings within the blast radius of IRA bombs in 1983 and 1991 (and nearby in 1982 and 1995). The main thing that worried them in London was being occupied by demonstrators against the company's policies in other countries, or by "anti-Globalisation" protestors. We had discussions with police and others about corporate response to attacks or demonstrations. I participated in them at one point to discuss IT security. It was that sort of discussion that persuaded people to pay for firewalls and proxy servers. I don't think the idea that whole areas of the net woudl be wiped out by stupid Microsoft word macros occured to many of the non-IT managers, but they certainly didn't want to be hacked by Greens, who some of them had an exaggerated fear of. One of the reasons I knew it was time to leave was when I found myself talking to men in suits about defending ourselves against demonstrations that friends of mine might have been taking part in.