Mark B. Schmidt

Spyware: a little knowledge is a wonderful thing

With the increased dependence on networks and the near ubiquitous availability of the Internet, there is a new paradigm in place for the proliferation of spyware, viruses, and other malware. In fact, much attention has been given to spyware in popular literature with reports from multiple sources indicating that spyware has perhaps reached 90% home user PCs [2].

Busting the ghost in the machine

This article describes an attempt to infect two new Dell WindowsXP-SP2 PCs (named Grease and Grime) with spyware and examines the results of the spyware infections. Each PC carried Symantec Antivirus 8.1.0.125, Spyware Doctor 3.1 (Doc), Spybot Search and Destroy 1.3 (SSD), and Sandra 2005 software, but no inoculation options were active during the infection and examination processes. Table 1 illustrates the initial benchmark metrics from Sandra 2005 obtained from SI Software at www.sisoftware.net/.

A Cross-Cultural Comparison of U.S. and Chinese Computer Security Awareness

Despite the recent increased attention afforded malware by the popular press, there appears to be a dearth in user awareness and understanding of certain aspects of the security paradigm. This article presents a comparison of user awareness levels of rootkits, spyware, and viruses between U.S. and Chinese users. The results of a survey of 210 U.S. respondents and 278 Chinese respondents indicate that respondents’ awareness and knowledge of rootkits is well below that of spyware and viruses. Data analysis further reveals that there are significant differences in Chinese and U.S. user perceptions with regard to spyware and computer viruses. However, there is no difference in cross-cultural awareness with regard to rootkits. Due to the ubiquitous nature of the Internet, rootkits and other malware do not yield at transnational borders. An important step to mitigate the threats posed by malware, such as rootkits, is to raise awareness levels of users worldwide.

Weak Password Security: An Empirical Study

Taylor & Francis makes every effort to ensure the accuracy of all the information (the “Content”) contained in the publications on our platform. However, Taylor & Francis, our agents, and our licensors make no representations or warranties whatsoever as to the accuracy, completeness, or suitability for any purpose of the Content. Any opinions and views expressed in this publication are the opinions and views of the authors, and are not the views of or endorsed by Taylor & Francis. The accuracy of the Content should not be relied upon and should be independently verified with primary sources of information. Taylor and Francis shall not be liable for any losses, actions, claims, proceedings, demands, costs, expenses, damages, and other liabilities whatsoever or howsoever caused arising directly or indirectly in connection with, in relation to or arising out of the use of the Content.

An Empirical Assessment of Technology Adoption as a Choice between Alternatives

Technology adoption by individuals has traditionally been regarded by information systems researchers as a choice between adoption and non-adoption of a single technology. With the current diversity of technology alternatives, the adoption decision may be more accurately specified as a choice between competing alternative technologies. The research question may no longer be simply whether technology is adopted, but rather which technology is adopted. The authors illustrate this with a simplified model of choice between two competing technologies, where the second technology is an enhanced version of the first. Their theoretical model is based on Expectancy Theory ET. Results indicate that system characteristics can be successfully captured in the Valence Model of ET, and effort expectancy in the Force Model. Future research can expand on these results by including more factors in the Valence Model, and by comparing more than two alternative technologies.

E-commerce security threats: awareness, trust and practice

Electronic commerce (e-commerce) has always been accompanied by security concerns. Despite numerous studies in the areas of security and trust, to date there is a dearth of research that addresses the impact of security trust and security awareness on the prevalence of online activities. This study investigates the relationships among awareness of security threats, security trust, frequency of e-commerce activities and security practices. The results presented herein suggest that security awareness level is positively correlated to security practices. The security trust level of frequent e-commerce users is higher than that of infrequent e-commerce users. The study also found that there was no significant correlation between trust level and awareness.

Managing the diffusion of organizational learning behavior

This paper addresses the need for organizations to manage the transformation from traditional hierarchical models to ‘learning organizations.’ We propose a five-stage methodology useful in the diffusion of behaviors associated with organizational learning (OL) theory. The stages of OL diffusion are (1) agenda-setting, (2) matching, (3) restructuring, (4) clarifying, and (5) routinizing. Each stage involves both managerial (structural) or member (cultural) influences on organizational memory (OM). Salient definitions are provided and the OM aspects and deliverables associated with each OL diffusion stage are discussed. This research provides a theoretically-driven approach to help change agents diffuse and realize the potential of OL behavior in the firm.

Security Perceptions of e-Commerce Users

In todays computer security paradigm, e-commerce participants are faced with many types of malware. Spyware and viruses are two such examples that continue to threaten secure e-business. Despite the best efforts of information security professionals to lessen the frequency and impact of the infections, these infections show no sign of abatement. Because typical users are vulnerable to malware and security breaches, increasing education and awareness is a necessary step in efforts to mitigate the malware threat. However, prior to implementing an effective education program, user behavior toward malware and the awareness levels must be assessed. To this end, the efforts described herein are to assess both familiarity and knowledge of respondents from two universities relative to malware. Based on data from approximately 200 information technology (IT) users, it was found that there are differences in security awareness and perceptions between light and heavy e-commerce users.

Organizational Ecology Success Factors in the Business: A Case Study at Fingerhut Inc.

The proliferation, growth, decline, and re-growth of the high tech industry during the past several decades has allowed for the creation of new organizational concepts. One of these concepts finds its theoretical underpinnings in the areas of ecology and biology. This paper attempts to apply organizational ecology, particularly the well-known Verhulst-Pearl (VP) ecological logistic growth model, to the life cycle of e-commerce enterprises using Fingerhut Inc. as an example noting its successes and failures.

Steganography: Forensic, Security, and Legal Issues

Steganography has long been regarded as a tool used for illicit and destructive purposes such as crime and warfare. Currently, digital tools are widely available to ordinary computer users also. Steganography software allows both illicit and legitimate users to hide messages so that they will not be detected in transit. This article provides a brief history of steganography, discusses the current status in the computer age, and relates this to forensic, security, and legal issues. The paper concludes with recommendations for digital forensics investigators, IT staff, individual users, and other stakeholders.