Do we need computer competence tests?

Reverse into parking space, leave laptop on back seat

  • alert
  • submit to reddit

Intelligent flash storage arrays

Column Indignation is the immediate response if you suggest to any computer user that they should be given a licence to use their PC only if they pass a test. Why is this?

When someone crashes a car on the motorway, naturally, our first response is to utter words of sympathy: "Oh, hope they're not hurt..." - but what we're actually thinking is: "If that twit had driven carefully, I'd be able to catch my flight!" And it was amazing how many people who arrived at Heathrow after the BA flight from China crashed into the mud before the runway, didn't say - even on camera! - how glad they were that there were no fatalities. No - they complained about the lack of "proper counselling" rooms and moaned about how nobody seemed to have time to stop and "give clear directions" about where they could find coffee and an internet link and "why were they being charged, when it wasn't their fault?", and was this what London was really like?

But the presence of idiots online is at least as disruptive to everybody's lives.

Every time some kid clicks on a phishing link and invokes a Trojan program, or some greedy idiot agrees to send their bank details to a bunch of crooks in Israel or Russia in the hope of getting hold of illegal cash, their computer gets compromised, and joins the army of "bots" which mean that legitimate businesses are fleeced of terrifying amounts of money by organised criminals.

The thing is that of course you can't prevent this sort of thing happening, any more than you can utterly end death on the road by insisting on regular car tests. There will, always, be some antisocial "libertarian" who will argue that "If I want to buy a computer and use it as I see fit (within the bounds of the law) then why shouldn't I?" - as if asking the question provided the answer.

And if such people are confronted with a change in the law, they'll simply disobey it. People drive cars today without licence, without roadworthiness papers, without insurance. Not surprisingly really, when you consider how often someone is hauled into Court for driving without a licence, and as punishment is banned from driving for six months!

The thing is not the inevitability of a few idiots. It's the sheer number of people let loose on full-power, open operating systems capable of running absolutely any software at all. Do they know how to find and eliminate malware? No! Are they running up to date anti-virus software? No! Could they actually detect a fault in their security package? No!

I think anybody with a reasonable grasp of these basics should be allowed to drive a PC. What I can't see is what we gain by allowing everybody else onto the internet in the equivalent of a 30-ton truck, without the slightest idea of what damage they can cause.

So when will we admit that it isn't a blow against the Electronic Freedom Foundation to say: "Unlicensed users can use secure browsers on restricted 'information appliances' for surfing. But anybody who wants to run a machine that can be compromised has to demonstrate a minimum competence"?

The whole idea is utterly repugnant to anybody brought up on the early microcomputers, or the mainframes before those days. I myself can remember leading a spirited debate at Imperial College, arguing that hacking should never, ever be made illegal. To be sure, making it illegal has had few serious consequences for any hackers, and the Computer Misuse Act won't prevent any virus writer from experimenting... so in that sense, I suppose the argument was worth debating! - but I no longer hold those views with the same simple clarity I perceived then.

Is it possible that in a decade, we'll ask how on earth the Netizens of the 20th century tolerated the mayhem that goes on online?

The answer may have something to do with whether we can agree (as a society, Mrs Thatcher) that people actually have rights to the internet. If we can agree what those rights actually are, then maybe we can agree what abilities ought to be restricted to those who can demonstrate competence.

For example, a "sandbox PC" running only licensed software; what would it be limited to? We don't seem to have a list. Should it be able to run email? If so, how many emails should it be allowed to originate in one day without paying an email premium? Surely, if ISPs limited CC emails to 20 a day and charged 1p per email CC thereafter, most spam would dry up?

In exchange, perhaps we could insist that who we send emails to, and what they contain, is entirely confidential without some evidence of criminality?

What about games? Is it really a blow against human rights to suggest that if you can afford a machine with a kilowatt power supply and a dual-core video card, you can also afford to register the thing and its IP address as a danger to the web? - and that if you don't want to do that, you probably don't really care about gaming? And if in exchange, society agreed that we have a right to complete anonymity when posting in moderated forum sites, would we not have gained something?

Most important, can we design a sandbox PC, which does what most of us want (visiting Facebook, managing photographs and videos and music, searching the web for news and chat) but which can only run other software when recognised by the ISP which provides our web link?

Now, I know the answers to almost none of these questions. But I think the time has come to start asking them, seriously, and to start answering them without kneejerk reactions.

For the web to be a freer place, it may be that the freedoms we have already lost, may be traded against liberties which are of no use.

It is, surely, a loss of liberty to say "You can't buy a Formula One racing car and drive along the motorway at 200 mph" - but how important was that freedom, really? And are we doing something equally daft in insisting on the "freedom" to let someone load the office database onto their personal laptop and leave it in their car outside Tesco; or in leaving it entirely up to the user whether their PC is infected or not?

Or are we too shy to ask uncomfortable questions in public on this subject? ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Bladerunner sequel might actually be good. Harrison Ford is in it
Go ahead, you're all clear, kid... Sorry, wrong film
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
Forget Hillary, HP's ex CARLY FIORINA 'wants to be next US Prez'
Former CEO has political ambitions again, according to Washington DC sources
prev story


10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.