Feeds

Reader's Letters Lots of anger this week

Hackers and brain snackers

  • alert
  • submit to reddit

Seven Steps to Software Security

(This week, letters on hackers, Microsoft-Linux and IDC, Japanese quantum claims, crap drinking joke with Latin flavour, Readers @ the Speed of Thought, crap Americanism. We also get a ticking off for being too flippant about AOL, Netscape and privacy.)

What d'you mean hackers are common criminals?

[Andrew thought it was about time he got his opinion of hackers off his chest. So he did. And then the emails started coming]

I think your understanding of the problem here is beyond hopeless.

I agree that hackers don't wear white hats and the perception of hacking needs to change among crackers themselves. Just look at the movie War Games if you want to see an early example of the kind of romantic rubbish that launched a thousand script kiddies. Unfortunately you've gone off the deep end in your comparisons. The burglary analogy just doesn't work for me, these crimes are what they are. Many of the hackers are misguided by a warped subculture, many foolishly think they are doing a service or aren't causing harm. Some are malicious and should be treated accordingly. Imagine yourself in the position where your son is arrested for downloading Satan and running it at university, are you really going to be as disappointed at that news as you would be had he been caught robbing the local bank? How many years are you going to sentence him to? Or would you rather that he gets a stern warning and the guidance he needs to understand that these crimes are not victimless? One of the problems with current legislation is it fails to take into account the nature of the crimes, often wholly inappropriate legislation is wielded in a ham fisted attempt to curb the problem. We need informed opinion which helps our lawmakers deal with this problem, not contorted diatribe which encourages an even more hysterical reaction.

I can only hope that other writers at The Register cringed when they read your opinion. If they aren't embarrassed by your scrawl they should be.

Cheers
Angus.


What a very interesting piece..... not.

Did you used to work for a tabloid by any chance and do you know what a computer is or how they work.. perhaps you just think it's that thing on your desk you write crap into ???

How can you compare a hacker breaking into a banks computer and downloading a bunch of files just to prove he can do it and showing how lax their security is with someone who breaks into your house and burns all your personal stuff ??

MOST people who break into house do so because they actually want to physically steal something from you so they can sell it for money or use it themselves, once it's stolen you can't get it back and if they burn your personal possessions they're deliberately having a go at you.

MOST hackers break into computer systems for the sake of breaking in, to prove they can do and to show how lax that computer systems security is, they do NOT break in for any of the above reasons.

Just to prove the point and to make you think twice before you fly, several years ago a couple of young men filmed themselves breaking into a plane while it was on the ground by coming up through the undercarriage. They had full access to the entire plane (including the cockpit) and could of easily planted a bomb without anyone knowing. They then handed the film to the local TV station (Central TV I believe) and the police. They did it to prove a point that planes weren't secure and it was just too easy to break into them. Because of that, security was changed and tightened.

Personally, I'm glad they did it and not some terrorist out to prove a point, if they hadn't and the same security had been in place now god knows how many "accidents" would of happened by now. It's possible you might not of even been able to write your pathetic piece.

I still have a lot of respect for The Register and most of it's journalists but pricks like you really bring the site down with your blatant overhyped, bullshit, emotional heart string pulls.

Jonathan


Dear Mr. Thomas,

On the 4th of July you were lucky enough to be given an opportunity to air your views about cracking (if you are going to make your opinion public, at least get the terms right) and I would like the right to reply to your statements.

You draw a parallel between the actions of a person appearing in a television programme awaiting the outcome of legal action to a house breaker. This analogy is flawed in two ways:

First: The person in the television programme did not break into private property, he cracked web sites. The people at fault here are those who run the sites. It is they who have a responsibility of trust to the ordinary consumers to keep their details safe. Do the people running the web sites have security professionals in their employ? If so what are their credentials? (a MCSE will not cut much ice in the professional security field)

Secondly: You equate the loss of personal details with the theft of personal property. I do not see how you can equate the two. In the first case information was stolen, in the second a physical item.

In the last part of your article you liken the act of music piracy to the theft of physical property. (It seems to me that you have missed the point by doing this. Most of the time the site from which the information was copied did not know about it until told. If you loose a physical object you do not have to be told, you notice)

Envy is not a factor for me. Why should I be envious of the most intransigent man on the face of the planet. If I should be envious of him simply because of his wealth, then I feel sorry for you, for it is you who is narrow of vision and shallow of thought.

You may ask by what right I criticise those who advise and secure web sites? My job involves me designing and building secure computer systems for the government. As a civil servant I can not go into much detail, suffice to say that the UK government is aware of what is going on in "cyberspace" and are taking steps to combat the actions of crackers.

Stuart Troughton

The views expressed above are mine, not my employers, so accredit them accordingly.
P.S Bet you do not publish this!


Dear Sir,

I very much enjoyed reading your article, as I always do reading The Register. The article makes a couple of good points which, although they've all been made before, I feel are important since the semantics of the typical hacker's defense can easily lure one into forgetting what they actually do.

However, I do not entirely agree with your view on the security issues at hand. In a perfect world, there would be no need for security because nobody would consider taking another man's property, but this is NOT a perfect world and there is a clear need for security and encryption (for a large number of reasons).

Surely, in the old days, many companies would have regarded trade unions as a form of organized extortion (which at least rhetorically is accurate, if philosophically untrue), but today most of us reap the benefits of their efforts. Similarly, we can now all enjoy the benefit of increased security in many respects due to the efforts made, more or less, by dishonest hackers/crackers. This whole debate has nothing to do with Microsoft. If Sun or Oracle had been more successful they would have been in the hackers' spotlight.

While on the topic of Sun and Oracle, the behaviour the CEOs of the enormous corporations never ceases to amaze me. How can two supposedly intelligent men in their positions allow themselves to descend to a kindergarten level when talking about Bill Gates? I find it pathetic and totally undignified when they ridicule Bill Gates' hairstyle and make unwarranted allegations about his personal hygiene. Larry Ellison is an arrogant clown who thinks the world of himself and looks like a low-budget version of actor Billy Crystal, and Scott McNealy who looks like an old woman has some of the ugliest teeth I've ever seen, but Bill Gates doesn't talk about that.

Oh well...
Yours sincerely,

Ulrik M. von d'Ahe
Copenhagen, Denmark

[We take it you don't count yourself as an intelligent man then Ulrik]


Totally agree with you on this. It was about time someone wrote something like this.

I think that using and attacking a computer detaches hackers from the reality of what they are doing, which ultimately effects real people - either the system admins who have to clear up the mess they leave or the people whose details get stolen. If any of them came face to face with the people who they affected I think they would think twice about the morality of their actions.

If someone hacks my website which I have spent 1000's of hours on then it's vandalism - exacty the same as if I were an artist and they chucked a can of paint over one of my paintings. Anyhow - nice article.

Kind Regards
Antony Moore


I'm glad to read that someone doesn't buy the hacker's common defense for breaking into a computer system. I have read many times something along these lines, "It's the system administrator's fault for not securing the computer. Not mine. I'm doing him/her a favour."

Try telling that to the customers who can't access a company's services online, or the technicians who have to come in at 1am in the morning to clean up the mess. I know, I've been on both sides of such incidents.

Their defense is nothing more than a flimsy excuse for online vandalism.

Jack McCoy



Japanese get a little above their station

[Tony ran a story about how Japanese scientists at the country's telecoms ministry said they were going to use quantum mechanics to transmit data across future networks. One reader took exception]

Just to let you know that this stuff isn't even nearly a new idea, and how the Japanese can claim credit for the idea is beyond me. I attended a lecture that included every detail from your story over a year ago, by a Dr. Simon Phoenix from BT Laboratories.

James P Schlackman




Now that's what I call feedback

[Tony wrote an analysis of IDC's analysis of Microsoft's position. He then received a reply from a respected top bod at IDC itself]

I enjoyed reading through your analysis of what C/Net had published concerning IDC's analysis of Judge Thomas Penfield Jackson's decision in the Microsoft anti-trust case. You brought out many of the points which were in our bulletin that did not appear in the C/Net analysis. This isn't surprising. We didn't provide C/Net with a copy of the document.

If you don't mind, I'd like to add a few points. It is rather unlikely that Baby Bill #1 would chose to distribute Linux. When one considers the opinion of many in the open source community, any successor to Microsoft is unlikely to be very successful in convincing these people to offer help. This help is an absolute requirement for success in this market.

It is also rather unlikely that Microsoft's application company, Baby Bill#2, would choose to port Office to Linux or UNIX. Microsoft's product is already available to people who purchased 92.5% of client or PC operating environments in 1999 (Windows plus Mac OS). It is not at all clear that the product planers for the Microsoft application company would chose to fund a port, train support staff on Linux and/or UNIX, and sell the product to address the needs of approximately 4% of the market.

If Baby Bill #2 did chose to take this step, it would be forced to price their software to compete with Corel, Applix, etc. This would undercut the price they're asking for the software on other platforms. The Windows and MacOS users of office would demand the same price for the software. It is far more likely that Baby Bill #2 would port SQL Server, development tools, etc. since Linux is having greater success in the market for server operating environments (24.4% share in 1999 by paid or revenue shipments).

The bulletin Al Gillen and I published considered all of these scenarios and pointed out that if the Microsoft baby Bills chose to enter these markets, it would put a lot of pressure on those in the market today. It also pointed out that this is rather unlikely.

I would be pleased to discuss IDC's worldwide system software research with The Register when any of your associates call or write.

Thanks once again for offering your insight.

Dan Kusnetzky, VP system software
International Data Corporation


Do you really get funnier as you get drunker?

[Lucy said that online wine retailers were next for the global dotcom crunch. A reader took this as a start point for a crap gag]

Hello again!

I suspect we're only getting half the story in "Wine sales online are going to get corked" You write: "...according to an online business consultancy Rubus."

So, "Rubus", eh? Isn't that Latin for "Red"?!?

I feel we need another perspective, from some outfit called "Bianco" or "Weiss-Trocken" or something, before we can be sure we have the full picture!

As always,
Christian "deadly serious" Conrad


And now the scientific bit

[Drew drew a comparison between a Sunday Telegraph article on the brain and Senor Gates' must-read book. The speed of thought is apparently 2mm per hour. We got some knowledgeable replies]

While I have no doubt that Bill Gates runs his company at 2 mm per hour, I do know that the "speed of thought" is rather quicker. That the Sunday Telegraph published this as something new surprises me, as it has been known for quite some time that molecules of myosin work to transport neurotransmitters, ions, and nutrients down the axons of neurons. In fact, the process is basically the same as the one which allows your muscles to expand and contract. "Thought" is due not to the transport of these chemicals by myosin, but by the release of these chemicals from the axon termincal across a synapse to a dendrite, axon, or cell body. The size of these synapses is very small, and the time it takes the molecules to cross it is also very small, making the limiting factor on the "speed of thought" the speed at which an electric potential travels down an axon. Due to many different factors, this can range from mm per second to many meters per second.

The quote: "At first sight," he comments, "it is a wonder that humans are quickwitted at all." is ridiculous. It's akin to assuming the top speed of your car is the rate at which gas (or should I say petrol?) is pumped into it, and then saying it's a wonder we all get to work every day.

Oh, and if you would like to give the Telegraph a jump on their next big story, tell them a protein called kinesin walks in the opposite direction.

Ryan Kuzmickas



Nah, nerve impulses have been clocked at tens of meters per second since Victorian era measurements, and are well understood to vary according to the thickness of the nerve and the myelin covering. The myocin mechanism is probably concerned with keeping the nerve ends well stocked with supplies, not with doing the thinking.



Incidentally, you might compare this with electricity in wires. The electrons drift in copper at millimeters per second, but the electrical field effects propogate typically around 2/3 the speed of light.

I'll leave you the puzzle of finding out why it is not 100% of C.

Regards,
Tanj



MyoSin in the brain?!



Don't think so. MyoSin and actin are the contractile proteins of muscle. What you describe as "two legs with which it 'walks' along fibers..." is the sliding filament theory of muscle contraction.

Dr George Kleinman




And finally - just some angry folk

From your article this morning: 'There's good PR bunnies and crap PR bunnies'

Where did you learn to write? America? Reminder: you decline the verb to be as follows:

I am
You are
He/she/it is

We are
You are
They are

Unless I am mistaken, the word 'bunnies' is plural, so it should be 'There are good...', no?

I read The Register because it is European. Moreover, I read it because it isn't an American publication and the bulk of its journalists have a decent grip on the language.

Please stop bastardising the language and GET YOUR GRAMMAR RIGHT.

Simon Wilson



Hey,

Adfilter is actually really good. I've been using it for ages and it does indeed strip most ads from the HTML of most common sites (metacrawler, altavista, etc,etc,etc). Saves me time downloading, so until BT are beaten to a pulp with a spiked railway sleeper and are forced to actually supply ADSL to people, it rocks.

Anyway, great site (as ever)..
Cheers
Rich Aplin



Let me first state, I am a avid reader of

The Register

, along with a large supporter of the domain being a editor on several larger Web sites myself.

I normally have nothing negative to say about the excellent reporting I find online but in reading this article today (AOL faces snooping court case), I found myself alarmed about the manner in which this subject matter was reported.

Privacy online is a major issue which affects all of us online. If Netscape's SmartDownload software does indeed secretly monitors all .exe and .zip files, this is not a subject matter which we should take lightly or just ignore, let alone attack the person whom made us aware of the situation as this article does. I find this report does not elaborate on any further details of the facts of the situation, and even manages to offend a whole country.

"This being the US, he'll probably have a psychiatrist in court saying that he suffers from a split personality disorder and so he is using the software to spy on himself."

Why is there the need for you throw out that punch at all of the United States as if we are all screwed up? This is nothing but negativity and is not going to produce anything positive for The Register but pissing off avid readers and supporters such as myself.

The fact of the matter is someone was keen enough to notice a program gathering up a profile on his activities online, without his prior knowledge or authorization, and wants to get to the truth of the matter, and learn why this program is doing this.

"Christopher probably saw what was going with DoubleClick at the moment and figured he'd have a go too."

This is not good reporting, and I am upset to see it on the front line of one of my favorite websites.




And that is it. It's Friday, we're knackered, looking forward to the weekend, but more importantly want to get down the pub. That shouldn't stop you emailing us though if you want to say something. We quite like it actually. ®

Seven Steps to Software Security

More from The Register

next story
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
Japanese artist cuffed for disseminating 3D ladyparts files
Printable genitalia fall foul of 'obscene material' laws
Brit Rockall adventurer poised to quit islet
Occupation records broken, champagne corks popped
Apple: No, China. iPhone is NOT public enemy number 1
Beijing fears it could beam secrets back to America
Canuck reader threatens suicide over exact dimensions of SPAAAACE!
How many As? Reg hack's writing cops a shoeing
Accused! Yahoo! exec! SUES! her! accuser!, says! sex! harassment! never! happened!
Allegations were for 'financial gain', countersuit claims
Carlos: Slim your working week to just three days of toil
'Midas World' vision suggests you retire later, watch more tellie and buy more stuff
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.