THE INTERNET cafe Khmer Web agreed this week to pay $2,500 for unauthorized use

of private Internet accounts. The amount covers roughly 400 hours of connection

to a CamNet account and approximately 100 hours on a BigPond account.

Yet

the owners of Khmer Web still deny they purposely misused the accounts. They

claim that private customers inappropriately logged on to the accounts without

the knowledge of Khmer Web staff.

Evidence in the shape of phone and

Internet billing records and an oral admission point in a different

direction.

The misused CamNet account belongs to Bill Herod, an advisor

to KIDS, which runs three competing Internet cafes. In August and September, his

Internet bill suddenly jumped from between six and 15 monthly hours to around

500.

"I was abroad from late August to mid September. Immediately after

returning to Phnom Penh, I discovered that something was wrong. And when I tried

to change the password on my account, I discovered that it was already connected

to somewhere else," explains Herod.

By comparing phone records to CamNet

billing records through the Ministry of Post and Telecommunications, it appeared

that Khmer Web had been connected to a CamNet account in the same periods as

Herod's account had inappropriately been in use - often all day from early

morning to late evening.

Khmer Web does not have a CamNet account and,

additionally, were only connected to their BigPond account for 20 hours during

all of August - Khmer Web's first month of operation - an average of 38 minutes

of business a day.

On Thursday last week, Herod confronted Kim San of

Khmer Web with the findings in order to solve the matter privately. During the

meeting, where the Post was present, San admitted that he had obtained Herod's

password from one Bun Sothearoath, who is a regular among Phnom Penh's

computer-savvy youth.

San also acknowledged that he was responsible for

paying Herod's Internet bill of $2,498.90. On Friday he signed a document

agreeing to pay the amount.

Later, Khmer Web withdrew their admission of

any wrongdoing. At a meeting on Tuesday at the Ministry of Post and

Telecommunications, Khmer Web partners threatened to sue Herod for damaging

Khmer Web and accused him of sabotage, suggesting that he had sent someone in to

plant the password on Khmer Web's computer.

However, a settlement was

reached whereby Herod and the holder of a misused BigPond account are held

unaccountable and the payment from Khmer Web will be divided between CamNet and

BigPond.

"We made a lenient judgement and Khmer Web are now clear of this

matter. But if we find additional misuse of accounts we will not tolerate it and

be very harsh," says Undersecretary of State Koy Kim Sea.

Several other

possible account abuses are now under investigation. According to Director David

Lewis, BigPond alone has one or two suspicious cases under

scrutiny.

Avoiding misuse of an Internet account is very much a question

of password security in the account holder's end.

"If customers for some

reason have to give their password to someone else, they should always change it

immediately afterwards," cautions Lewis.

But keeping your password

secretly locked away in your computer and changing it regularly doesn't

necessarily prevent account abuse. These days a password-stealing program is

circulating in Phnom Penh.

The program works on personal computers

equipped with Windows 95 or 98 where the user has saved his passwords on the

hard disk instead of typing it in every time. When a floppy disk with the

program is inserted into the computer and run, it extracts all saved

passwords.

According to Herod this can be prevented either by changing

the name of the Windows .pwl save file after use or copying it to a floppy and

removing it from the hard disk. The file name must be changed back or the file

reinstalled when it is used next time.

Kim Sea and Lewis urge customers

who suspect that their accounts are being misused to contact their Internet

provider.