Inside DC| More...
 

Charles Perrow

Charles Perrow

Posted: December 18, 2008 09:36 AM
BIO Become a Fan
Get Email Alerts Bloggers' Index

Internet Fraud as a Market Failure

digg Share this on Facebook Huffpost - stumble reddit del.ico.us RSS
Read More: Anti-Virus Software, Apple, Computer Fraud, Computer Hackers, Computer Viruses, Computers, Credit Fraud, Financial Transaction, Freeware, Identity Fraud, Integrated Structure, Internet Finance, John Markoff, Mac Computers, Macintosh, Microsoft, Microsoft Windows, Modular, Online Credit Card Theft, Online Trading, Spyware, Ubuntu, Visa Europe, Business News

John Markoff's story about internet fraud (NYT, 12/5/08: "Thieves winning online war"), is important, but he does not identify the basis of the fraud. There is a "market failure" because there is so little demand for secure software. Thus, Microsoft's Windows machines control over 90 percent of the operating systems, most of which are on the Web. Much more secure operating systems exist - Ubuntu, which is freeware, has as yet to be captured by hackers, and Sun and other systems offer very secure systems. But financial institutions readily pay the cost of fraud. Internet financial transactions are growing at a faster rate than internet fraud, so credit card companies and banks are willing to pay the costs rather than demand that customers switch to safer systems, which might lead to losing them. Last year, Visa Europe had credit card fraud costs that were only 0.05 percent of its volume, a trivial amount compared to its huge profits, according to a report to the European Committee on Economic Security and Cooperation.

The basic problem is the architecture of Windows (and web-based programs that Markoff identifies); it is integrated rather than modular. Integration means that if a fault or opening is found in the software the intruder can bore into the core (kernel) and capture the machine. With a modular structure, the intruder is not able to get to the kernel, which is protected by a tight interface. Macintosh architect is more modular, open source software such as Ubuntu is very modular, and has to be because anyone can program it. If fraud expands faster than financial transactions on the internet, we might find there is a market for safe software. Microsoft would have to completely rewrite its programs in a modular form to reach this market.

Charles Perrow, Emeritus Professor of Sociology, Yale University, and author of Normal Accidents: Living with High Risk Techologies, Princeton, 1999, and The Next Catastrophe: Reducing Our Vulnerabilities to Natural, Industrial, and Terrorist Disasters, Princeton, 2006.

Citation: van Eeten, Michel J.G., and Johannes M. Bauer. 2008 "Economics of malware: security decisions, incentives and externalities". Organization for Economic Co-operation and Development, Paris. May 29.

Charles.perrow@yale.edu

John Markoff's story about internet fraud (NYT, 12/5/08: "Thieves winning online war"), is important, but he does not identify the basis of the fraud. There is a "market failure" because there is so ...
John Markoff's story about internet fraud (NYT, 12/5/08: "Thieves winning online war"), is important, but he does not identify the basis of the fraud. There is a "market failure" because there is so ...
 
Comments
2
Pending Comments
0
iPhone App Promo

Want to reply to a comment? Hint: Click "Reply" at the bottom of the comment; after being approved your comment will appear directly underneath the comment you replied to

View Comments:
- ConradMazian I'm a Fan of ConradMazian permalink

I'll disagree with TheVicar. He thinks that modularity is a mixed blessing. I think that Integrated software that leaves you open to attacks is an utter horror. Giving up security for speed is stupid, like leaving the seat belts and air bags out of a car so that it goes faster.

The other thing to consider is Compiz, the fantastic Linux eye candy, that looks better than Aero, and can run on computers that are totally incapable of running Vista's Aero interface, a good example of a modular system that runs better than an integrated system, and which proves that the hardware OEMS aren't all that good at writing drivers, compared to the Operating System folks (and this is true about Windows and OSX drivers - those written by the Operating System programers often are more efficient than those written by the hardware guys).

In closing, I've been running Ubuntu 9.04 Alpha 2 for a couple of weeks now, and it's damned impressive. When you run Alpha software, you expect problems. Ubuntu 9.04 has run flawlessly on my Acer laptop, and it has the best hardware detection routines I've ever seen - it got my wireless card right away. While Canonical doesn't advertise it, you can download it from:

http://cdimage.ubuntu.com/releases/jaunty/

    Favorite    Flag as abusive Posted 10:26 PM on 01/14/2009
- TheVicar I'm a Fan of TheVicar 2 fans permalink

Modularity is a mixed blessing. The decoupled nature of Linux APIs makes it much harder to deliver software. Quick: which audio API should you program for if you want to play sound continuously? How about if you just play a single sound occasionally? What API do you use to print? It's all a mess. Actual application programming for Windows or the Mac OS is vastly simpler than working in Linux.

Furthermore, modular APIs can be vastly less efficient than integrated ones. All the Linux GUI systems are based on X11. It turns out that the graphics drivers provided by manufacturers (which tend to be much, much faster than the ones provided by the open source community, when there is overlap) ignore the "official" graphics model provided for Linux, with all its decoupled and almost-imp­ossible-to­-accelerat­e mess, and simply run everything in (surprise!) an integrated stack.

    Favorite    Flag as abusive Posted 05:09 PM on 12/18/2008
Comments are closed for this entry

 You must be logged in to comment. Log in  or connect with 

Connect