[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Attention Shoppers: Internet Is Open (NYT, 12Aug94)




-----BEGIN PGP SIGNED MESSAGE-----

New York Times, 12 August 1994, Page C1.

[Photograph of five young men standing around a decorated office.]

A system from the Net Market Company allows credit card shopping on the
Internet in total privacy.  Net Market's chief executive, Daniel M.
Kohn, foreground, worked at the company's office in Nashua, N.H.,
yesterday.  Behind him, from left, were the president, Roger Lee;
program developer, Mark Birmingham; senior program developer, Guy H.T.
Haskin, and chief information officer, Eiji Hirai.

ATTENTION SHOPPERS: INTERNET IS OPEN

By PETER H. LEWIS

At noon yesterday, Phil Brandenberger of Philadelphia went shopping for
a compact audio disk, paid for it with his credit card and made
history.

Moments later, the champagne corks were popping in a small two-story
frame house in Nashua, N.H.  There, a team of young cyberspace
entrepreneurs celebrated what was apparently the first retail
transaction on the Internet using a readily available version of
powerful data encryption software designed to guarantee privacy.

Experts have long seen such ironclad security as a necessary first step
before commercial transactions can become common on the Internet, the
global computer network.

- From his work station in Philadelphia, Mr. Brandenburger logged onto
the computer in Nashua, and used a secret code to send his Visa credit
card number to pay $12.48, plus shipping costs, for the compact disk
"Ten Summoners' Tales" by the rock musician Sting.

"Even if the N.S.A. was listening in, they couldn't get his credit card
number," said Daniel M. Kohn, the 21-year-old chief executive of the
Net Market Company of Nashua, N.H., a new venture that is the
equivalent of a shopping mall in cyberspace.  Mr. Kohn was referring to
the National Security Agency, the arm of the Pentagon that develops and
breaks the complex algorithms that are used to keep the most secret
electronic secrets secret.

Even bigger organizations working on rival systems yesterday called the
achievement by the tiny Net Market a welcome first step.

"It's really clear that most companies want the security prior to doing
major commitments to significant electronic commerce on the Internet,"
said Cathy Medich, executive director of Commercenet, a Government and
industry organization based in Menlo Park, Calif., that hopes to
establish standards for commercial transactions on the Internet and
other networks.

The idea is to make such data communications immune to wiretaps,
electronic eavesdropping and theft by scrambling the transmissions with
a secret code security technique known as data encryption.

While Commercenet and other organizations have been working to develop
a standard for the automated data encryption of commercial
transactions, the small band of recent college graduates who formed the
Net Market Company in New Hampshire appear to be the first to implement
such technology successfully.

Tests of Commercenet's encryption system, which is based on algorithms
- - mathematical formulas - developed by RSA Data Security Inc. of
Redwood City, Calif., are expected to begin this fall.

Commercenet hopes to create an easy-to-use industry standard for
protecting Internet transactions.

For now, Net Market's approach is available to the limited number of
computer users who have work stations running the Unix software
operating system and a sophisticated Internet navigational program
called X-Mosaic.  The data encryption program is called PGP, for Pretty
Good Privacy, which is based on the same RSA algorithms used by
Commercenet.

PGP is available free, but it requires technical expertise to download
it from the Internet.  But within a few months commercial versions of
PGP are expected to be available for personal computers using the
Windows and Macintosh operating systems, which comprise the vast
majority of computers in North America.

Security Breaches Reported

The widespread adoption of standard data encryption tools cannot come
too quickly for many Internet entrepreneurs, who hope to foster new
levels of commerce on the rapidly growing network.

Alarmed by increasing reports of security breaches on the Internet many
people and businesses are reluctant to transmit sensitive information,
including credit cards numbers, sales information or private electronic
mail messages, on the network.

But the use of standard data encryption software, which scrambles
messages so they can be read only by someone with the proper software
"key," has been hindered by a combination of Government regulations and
software patent disputes.

Experts say the PGP encryption software used by Net Market is at least
as robust as the so-called Clipper encryption technology that the
Clinton Administration has been pushing as a national standard.  But
unlike the Clipper system, the software keys for opening and reading
PGP-encrypted documents is not controlled by the Government.

A version of PGP for individuals is available free through the
Massachusetts Institute of Technology, but users must retrieve it from
an M.I.T. computer through the Internet.

Organizations wanting to use PGP for commercial purposes must obtain it
on the Internet from a company in Phoenix called Viacrypt, a maker of


[bold inset

A system offers on-line credit card shopping in total privacy.  

end inset]


computer security software and hardware tools.  Prices for PGP begin at
$100 a copy.

A Browsing Feature

One achievement of the young programmers at Net Market was to
incorporate PGP into X-Mosaic, the software that many Internet users
rely on for browsing through the global network.

X-Mosaic is a software tool that allows the users of Unix computers to
browse a service of the Internet called the World Wide Web, where
companies can post the electronic equivalent of a glossy color brochure
with supporting sales or marketing documents.

In the case of Noteworthy Music the record retailer that leases a
"store front" in Net Market's Internet computer, a shopper can look at
color pictures of CD album covers.

Mr. Kohn, a 1994 honors graduate in economics from Swarthmore College,
came up with the idea for Net Market during his junior year abroad, at
the London School of Economics.  There, he persuaded an American
classmate, Roger Lee, to join his venture.

Mr. Lee, who graduated from Yale this past spring with a degree in
political science, is president of the company.  For technical
expertise, they recruited two other partners from Swarthmore, Guy H.T.
Haskin and Eiji Hirai.

The four men live upstairs in the house in Nashua, commuting downstairs
each morning to run the business.  Because of the pressures of running
the system and debugging the software, they rarely venture outside,
even though they have a backyard swimming pool.

"We don't get much sun," Mr. Kohn said, "but we're down to a case of
Coke a day."

'An Important Step'

Although Net Market has been selling various products like CD's,
flowers and books for several months on behalf of various merchants,
yesterday was the first time they had offered digitally secure
transactions.

"I think it's an important step in pioneering this work, but later on
we'll probably see more exciting things in the way of digital cash,"
said Philip R. Zimmermann, a computer security consultant in Boulder,
Colo., who created the PGP program.

Digital cash, Mr. Zimmermann explained, is "a combination of
cryptographic protocols that behave the way real dollars behave but are
untraceable."

In other words, they are packets of worth that have value in
cyberspace, the same way dollars have value in the real world, except
that they have the properties of anonymity, privacy and untraceability.
Many details remain to be worked out, Mr. Zimmermann said.

For now Mr. Brandenberger, despite his historic transaction yesterday,
will be paying with plain old dollars, when he gets his credit card
bill.  And sometime today, the Sting CD will arrive by fairly
conventional means shipped FedEx from the Noteworthy Music warehouse in
Nashua.

DEADBEAT <[email protected]>

-----BEGIN PGP SIGNATURE-----
Version: 2.4

iQBFAgUBLkt5+/FZTpBW/B35AQGp/QF9E7xzIivWavE6oZw/OyJBKpBEMh+Ded5d
btGwA62La30MMk/7JkwFt01o1DIM581u
=sUm+
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to [email protected].
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to [email protected].