Feeds

Crackers are common criminals

Microsoft not to blame for all the trouble in the world

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Opinion Hackers have a certain romantic image - it's a bit like Robin Hood; the small man against the machine; the righter of wrongs, that sort of thing.

On British TV the other night, a young hacker from Wales was asked why he had broken into a computer and downloaded several thousand people's bank details. He replied that he had done it to prove that the bank's security procedures were inadequate. It should have been obvious that he had no criminal intent and naturally hadn't done anything with the downloaded details. If he hadn't done it, someone else would have.

You are a judge. Before you in the court stands a pimply-faced youth with greasy hair and an ill-advised vestigial beard. He stands accused of breaking into several dozen houses and stealing credit card details and address books. The address books were used to identify future properties to burgle and, whilst in each house, he burnt all the personal correspondence he could find.

His defence?

"I only did it to prove that the locks on these people's doors were inadequate. If I hadn't done it, someone else would. It's the lock makers' fault."

Do you, the judge, dismiss the charges and commend the young chap for his public-spiritedness, whilst roundly condemning locksmiths for their sloppy workmanship? Or do you sentence him to a public flogging and then send him to choky?

Spinal Tap

Another housebreaker stands accused of a number of break-ins where he stole expensive stereo systems and CD collections. In mitigation, he blames Metallica, Napalm Death and Spinal Tap for making him do it. The reasoning is obvious - if these bands hadn't recorded unencrypted music onto CDs in the first place, he wouldn't have been tempted to pop into other people's houses while they were out and remove them. And he needed the stereo systems to play them on. And the beer from the fridge. And the car to carry it all away in.

In what way is hacking into a computer any different from breaking into a house? Both are private property. Locks on doors are only necessary because there are people who can't be bothered to work. They would much rather you worked hard to buy things that they could later remove while you were out earning more money.

Faulty locks are not the issue here - criminals are.

So why is it always Microsoft that gets blamed for making it too easy for the criminals? Why aren't Compaq, Dell, IBM, Intel and AMD to blame for providing the systems the hackers break into? For that matter, why aren't the telcos and ISPs guilty, too? Do we read stories about Sony being accused that its TVs and videos are encouraging break-ins because you can't bolt them to the floor?

Of course Microsoft is a very successful company headed up by very rich people, so envy is probably a key factor here. But surely Microsoft is only exposed to hack attacks to the degree it is because millions of people actually like its products and want to use them. They don't want functionality removed, they want criminals to leave them alone.

A hack attack on a Word or Outlook user is surely criminal trespass on their (electronic) property in exactly the same way it is if a burglar breaks into their house. It doesn't matter how easy or hard it is - it's still wrong.

Stop blaming Microsoft - it's the hackers who are the guilty ones. ®

3 Big data security analytics techniques

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.