WITH Internet cafes mushrooming all over Phnom Penh and slowly spreading to major

provincial towns, a local computer adviser has proposed setting up a registration

system to monitor private Internet and email businesses.

Last year Bill Herod, who advises Khmer Internet Development Services (KIDS) and

its three Phnom Penh cyber cafes, suddenly found that the usage of his personal Internet

account jumped from between six and 15 monthly hours to almost 500.

By comparing phone records to Internet billing records, it turned out that the Internet

cafe Khmer Web had been connected to a Camnet account in the same periods as Herod's

account had inappropriately been in use - although Khmer Web at the time did not

have a Camnet account. Khmer Web then agreed to pay $2,500 for unauthorized use of

the account.

To avoid similar misuse in the future, Herod now suggests registering private cybercafes

and demanding that they at any given time can show invoices of their Internet usage

that in hours roughly correspond with their phone bills.

"It will make it more difficult to use stolen passwords to access other people's

Internet accounts. That may deter some less honest businesses from trying to do so,"

says Herod.

However, the Undersecretary of State at the Ministry of Post and Telecommunication,

Koy Kim Sea, is not at present interested in setting up a registration system.

"It involves too much work. Right now misuse of passwords is not a problem,

so we do not feel that such safeguards are necessary. But if fraud becomes a problem,

we will contemplate a registration system," says Kim Sea.

Instead, the ministry chooses to rely on Internet customers' vigilance in guarding

their passwords. Also, in the wake of the Khmer Web incident, the ministry sent out

warnings to all Internet cafes in Phnom Penh that password fraud would result in

heavy penalties.

The Manager at Telstra's Internet division, Bigpond, David Lewis, finds the idea

of a registration system "interesting".

"But it needs thinking about. I don't know how practical it would be. In any

case it would only prevent fraud by web cafes and ensure that they don't exercise

unfair competition. It doesn't prevent password fraud by individual persons,"

says Lewis.

Therefore, Lewis concludes, the best reassurance against misuse of one's Internet

account is safeguarding the password and changing it every month.

Passwords still remain extremely easy to obtain - either by simply looking over the

shoulder of the user or by inserting a disk with a password extracting program into

the computer. It only takes a few seconds and there has been at least one incident

where an Internet user had his password extracted while his computer was at the repair

shop for service.