Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security Programming

Author Says It's Time To Stop Glorifying Hackers 479

First time accepted submitter Geste writes "Diane McWhorter pleads in this NYT Op-Ed piece that it's time to stop glorifying hackers. Among other things she rails against providers' tendencies to 'blame the victim' with advice on improved password discipline. Interesting, but what lesson are we to learn from someone who emails lists of passwords to herself?"
This discussion has been archived. No new comments can be posted.

Author Says It's Time To Stop Glorifying Hackers

Comments Filter:
  • Also time to stop (Score:5, Insightful)

    by Anonymous Coward on Monday March 10, 2014 @12:21PM (#46446821)

    glorifying actors, sports figures, politicians, generals, soldiers, writers, artists, architects, Canadians, cooks, race car drivers, the old, children, dogs, accountants, spies, computer programmers, cowboys, drug smugglers, and the disabled.

    • by i kan reed ( 749298 ) on Monday March 10, 2014 @12:30PM (#46446933) Homepage Journal

      Goddammit, you stole the thunder out of so many potentially good posts, fast-acting AC.

    • by bennomatic ( 691188 ) on Monday March 10, 2014 @12:44PM (#46447119) Homepage
      Let's stop glorifying the AC.
    • by jellomizer ( 103300 ) on Monday March 10, 2014 @01:07PM (#46447383)

      Well there is a difference between glorifying people who somewhat try to do positive things with their life, and achieved something from it.

      But Hackers, drug smugglers and much of the other black market activity really shouldn't be glorified. Because for every 1 person who does this for some noble deed there are a thousand stupid kids who do this because they think it is easy money.

    • by ackthpt ( 218170 ) on Monday March 10, 2014 @01:32PM (#46447707) Homepage Journal

      glorifying actors, sports figures, politicians, generals, soldiers, writers, artists, architects, Canadians, cooks, race car drivers, the old, children, dogs, accountants, spies, computer programmers, cowboys, drug smugglers, and the disabled.

      So long as we still glorify the Hypnotoad, I'm cool with that.

  • by Overzeetop ( 214511 ) on Monday March 10, 2014 @12:23PM (#46446843) Journal

    Note to the press: "Hackers" doesn't mean what you think is means.

    • by mwvdlee ( 775178 ) on Monday March 10, 2014 @12:30PM (#46446941) Homepage

      Indeed.

      There's a difference between somebody who takes a list of passwords and abuses it and somebody who finds security issues and reports them responsibly.
      There's also a difference between somebody who it a victim and somebody who gmails list of passwords to herself.

      Oblig. car analogy: The person stealing your car is a "criminal", the owner of that car is a "victim". The person bypassing the lock on his own car and then reporting the issue to the car manufacturer is a "hacker". The person keeping a keychain in her unattended car, with keys of all her properties, conveniently labelled what each key is for and where it can be found, is called an "Idiot".

      One does not preclude the other.

      • by lgw ( 121541 ) on Monday March 10, 2014 @12:41PM (#46447073) Journal

        The difference between "idiot" and "at fault" is huge.

        Users will be idiots. Does any IT admin deny this fact? If your system only protects users who aren't idiots, you're a sorry excuse for an admin.

        Make your system robust against weak passwords. This is not rocket science. If it's something important, use two-factor auth. If not, make account recovery easy - put real thought and effort into it! And for goodness sake, make sure your DB of password hashes doesn't become public - that's all in your hands, and it's completely your fault if that happens, weak passwords or strong.

        • by Aighearach ( 97333 ) on Monday March 10, 2014 @12:59PM (#46447291)

          Your system cannot protect the idiots from themselves. That is a trap you fell into somewhere. Most likely you simply agreed it would be nice if it was so. "Yeah, why can't we protect all our users?!"

          This isn't brain science or rocket surgery. The idiots have to have a way to access the system. They will NOT remember strong passwords, they will write them in a stupid place or keep them in gmail with public information as the account recovery. And guess what, you can't control gmail. Put some real thought into it, your idiot users will hand their access away to the first thief, and you can't do much to protect them.

          All you can do is protect your system and try to make anything important difficult enough to access that the idiots can't get in.

        • by jedidiah ( 1196 ) on Monday March 10, 2014 @01:12PM (#46447443) Homepage

          > The difference between "idiot" and "at fault" is huge.

          It depends on the environment. In some environments, you will be punished for leaving your valuables unsecured. It is considered bad policy to tolerate idiots that invite thieves.

          The meat space equivalent of what this idiot journalist does is illegal in some jurisdictions.

        • by Rinikusu ( 28164 ) on Monday March 10, 2014 @01:12PM (#46447449)

          I currently have over a dozen passwords I have to keep memorized for accessing various systems (each with their own unique login IDs and passwords), many of which are changed every 3-6 weeks and do stringent checks on previously used passwords. That's just for work, and not including the dozen or so username/passwords I use online in my personal time. Seriously, it's time to rethink passwords because if you don't like that I write all this shit down in a spreadsheet that I print out and stuff in a binder, well, it beats the other guys post-its on their monitors.

          • by khasim ( 1285 ) <brandioch.conner@gmail.com> on Monday March 10, 2014 @01:37PM (#46447761)

            Seriously, it's time to rethink passwords because if you don't like that I write all this shit down in a spreadsheet that I print out and stuff in a binder, well, it beats the other guys post-its on their monitors.

            NOT ON THE COMPUTER!

            For work passwords, WRITE them down (pen) on a piece of paper and keep that piece of paper in your wallet.

            For home passwords, WRITE them down and then that piece of paper like any other important piece of paper for your home.

            If you do it on the computer you do not know that the system has not saved it to a temp file or something that a cracker will find.

            People who will physically break into your house and steal your computer are a different threat than people who will break into your computer via the Internet. Protections against one will not help against the other.

          • by UnknownSoldier ( 67820 ) on Monday March 10, 2014 @02:22PM (#46448277)

            Why the fuck aren't you using a password manager like KeePass / KeePassX ???

            Memorize one long master passphrase, copy/paste every other password.

        • by account_deleted ( 4530225 ) on Monday March 10, 2014 @01:16PM (#46447499)
          Comment removed based on user account deletion
      • by bennomatic ( 691188 ) on Monday March 10, 2014 @12:46PM (#46447145) Homepage
        LOL, I hope we've never had an argument before, because I think this is awesome. Absolutely the best /. post I've read all day.
      • by sjbe ( 173966 ) on Monday March 10, 2014 @01:22PM (#46447573)

        The person bypassing the lock on his own car and then reporting the issue to the car manufacturer is a "hacker".

        That is NOT how the term hacker is used by most of the population and I suspect you know that. "Hackers" are not considered good guys. Someone breaks into a computer (or car in your analogy) that is not their own? Hacker. A hacker *might* do what you describe but most are (or at least appear to be) engaged in considerably less honorable activities.

        I giggle every time nerd gets in a huff and tries to self righteously insist the word hacker is for the good guys and cracker (which is also a racial pejorative for white people) is the term for bad guys. When I was in college I had a black roommate that used the term cracker in that context to me (I'm white) in front of another black roommate. You should have seen the look on the other guy's face.

    • by Max Threshold ( 540114 ) on Monday March 10, 2014 @12:31PM (#46446949)
      And neither does "blaming the victim".
      • by NotDrWho ( 3543773 ) on Monday March 10, 2014 @01:07PM (#46447381)

        Expecting a potential crime victim not to be a fucking idiot isn't the same as blaming them for the crime. Yeah, in an ideal world, I should be able walk through the worst neighborhood in town waving a wad of cash at 2 a.m. yelling "I'm unarmed and have a lot of cash!" and not get robbed. And if I was robbed, it wouldn't be any less a criminal act on the criminal's part. But it would still make me a fucking idiot.

    • by nomadic ( 141991 ) <nomadicworld@nOspAm.gmail.com> on Monday March 10, 2014 @12:37PM (#46447019) Homepage
      The commonly-accepted usage of words is determined by the majority. Whatever "hacker" used to mean, it now means someone who bypasses computer security systems to commit crimes.
      • by fisted ( 2295862 ) on Monday March 10, 2014 @12:44PM (#46447111)
        Since the "majority" has not a faint idea what hacking is, or was, i refuse letting them assign new meaning to words they dojn't understand.
        IOW your argument is stupid.
        • by DaveV1.0 ( 203135 ) on Monday March 10, 2014 @01:38PM (#46447789) Journal
          The definition of a word is defined by usage. You have stated that you don't care what popular usage is, therefore you are stating that you don't care what the actual definition of a word is, you are going to use it how you think it should be used.

          Now, who is stupid: the person who is using the word as most of the human race uses it; or you, who is insisting on using the word according to the preference of a small group of people?



          P.S. if you say "him and everyone else", you should see a psychologist about your narcissistic delusions.
      • by Anonymous Coward on Monday March 10, 2014 @12:48PM (#46447159)

        Exactly. This ship sailed a long time ago. Time to give it up. The original meaning of "hacker" is dead. If you use it in that sense, you will only be miscommunicating with the vast majority that uses it in the new sense.

        Seriously people. Let it go. Words change. Many of the words you use now meant something else entirely a hundred years ago.

      • by Aighearach ( 97333 ) on Monday March 10, 2014 @01:03PM (#46447351)

        The commonly-accepted usage of words is determined by the majority.

        While I do agree that whatever "hacker" used to mean is called a "maker" now, you're way off on how word meanings are determined.

        It turns out, each word can have multiple meanings, and all the meanings with common published examples are the real meanings! Wow! Blows your mind, right?

        How can nerds expect the world to believe in our vocabulary if we can't even read dictionaries?

      • The commonly-accepted usage of words is determined by the majority. Whatever "hacker" used to mean, it now means someone who bypasses computer security systems to commit crimes.

        Hacker is someone who drives a hack, a horse and buggy or else car for hire. Another term for cab driver.

    • by GodfatherofSoul ( 174979 ) on Monday March 10, 2014 @12:41PM (#46447083)

      You don't get to supplant the definition of a word because you want to embrace it's favorable connotations while rejecting the negatives: I'm assuming you're referring to hacker vs. cracker.

    • by Aighearach ( 97333 ) on Monday March 10, 2014 @12:53PM (#46447219)

      If only we had a time machine, we could go back to the 90s and fight thing battle again. At this point I think it is fair to say, the word means whatever it is used for. Makers are the new hackers.

    • by real gumby ( 11516 ) on Monday March 10, 2014 @03:27PM (#46449049)

      Note to the press: "Hackers" doesn't mean what you think is means.

      So true.

      Interestingly House of Cards which includes a character who is a cracker and hacker (appears to have good hacking skills which he uses to break into systems). It appeared that the writers had actually made an effort to learn about the culture(s). For example there was a well done attack that combined social engineering and sleight of hand to defeat two factor authentication.

      Unfortunately his lines still made it clear that the writers didn’t really understand what those words really meant (sorta like when the marketing department uses the word “cloud”). And the set department still made the usual nonsensical computer displays. As for the character himself. well he was hardly glorified. In fact if I ever met a person like that my overshelming desire would be to smite him with a copy of the V7 manual. Twice, if he kept moving.

  • by coldsalmon ( 946941 ) on Monday March 10, 2014 @12:25PM (#46446863)

    Stop falling for the clickbait, Slashdot.

  • by Anonymous Coward on Monday March 10, 2014 @12:25PM (#46446879)

    And yea, that's spelled right. In all 57 states.

  • by Anonymous Coward on Monday March 10, 2014 @12:27PM (#46446893)

    Next thing you know we'll stop teaching kids to look both ways before crossing the street because we're teaching people not to drive drunk. But this just isn't how the world works.

  • Victim blaming (Score:5, Insightful)

    by LocalH ( 28506 ) on Monday March 10, 2014 @12:27PM (#46446903) Homepage

    Why the hell is there a trend nowadays to call it "victim blaming" to give people advice on protecting themselves? Is it really such a bad idea for people to do things to protect their passwords?

    I guess telling people to run antivirus is now "victim blaming", too.

    • by lagomorpha2 ( 1376475 ) on Monday March 10, 2014 @12:32PM (#46446963)

      Don't teach users not to run mysterious .exe files from suspicious people without antivirus software! Teach scammers not to scam!

    • by account_deleted ( 4530225 ) on Monday March 10, 2014 @12:38PM (#46447031)
      Comment removed based on user account deletion
      • Re: Victim blaming (Score:4, Insightful)

        by N1AK ( 864906 ) on Monday March 10, 2014 @12:54PM (#46447235) Homepage
        Careful, I'm not sure you can see over the top of all that hyperbolic. It isn't impossible for most people to hold the view that crime is bad an should be discouraged and that taking moderate steps to moderate your risk of being a victim is sensible; if you haven't already tried it then I'd strongly suggest giving it a go.
    • by Jason Levine ( 196982 ) on Monday March 10, 2014 @01:10PM (#46447421) Homepage

      There's a difference between trying to get people to protect themselves and blaming the victim. Telling users "you need to run an anti-virus" is giving advice. Telling users "you were hacked because you're an idiot that runs Microsoft software" is victim blaming. To take this away from the computer world, telling women "you could take a self-defense class or carry Mace with you" is advice. Telling a woman "you were raped because of the way you were dressed - that's just asking for it!" is victim blaming.

      There's an important distinction between the two. Even if the incident in question could have been avoided if the victim had taken protective measures, don't try to assign blame to a victim who is hurting from the incident. That's just going to cause ill will and won't lead to the person listening to you in the future. It is possibly to blame the perpetrator for the crime committed while still offering to help make sure incidents like these don't happen in the future,

    • by Princeofcups ( 150855 ) <john@princeofcups.com> on Monday March 10, 2014 @01:21PM (#46447559) Homepage

      Why the hell is there a trend nowadays to call it "victim blaming" to give people advice on protecting themselves? Is it really such a bad idea for people to do things to protect their passwords?

      I guess telling people to run antivirus is now "victim blaming", too.

      It's just misuse of the term by people who don't understand what it means. See: irony, meme, feminism, communism, fedora, ...

  • US blame culture. (Score:5, Insightful)

    by JustNiz ( 692889 ) on Monday March 10, 2014 @12:29PM (#46446919)

    So she emailed a list of passwords to herself, didn't bother encrypting it, and kept it in her on-line email account for 9 months, then she's actually surprised when she gets hacked?

    I look forward to the day when America gets back to the point where people start taking responsibility for their own actions again, instead of always looking for someone else to blame (and sue) for their own stupidity.

  • Author is s twat (Score:4, Informative)

    by scorp1us ( 235526 ) on Monday March 10, 2014 @12:31PM (#46446947) Journal

    He *emailed* himself his own password list then whines when his account gets hacked.
    NO SURPRISE HERE.

  • by Max Threshold ( 540114 ) on Monday March 10, 2014 @12:31PM (#46446955)
    Why do I recognize that name? What other stupid shit has she said?
  • by jcdr ( 178250 ) on Monday March 10, 2014 @12:32PM (#46446969)

    All others have to be quiet naive idiots ?

  • by gurps_npc ( 621217 ) on Monday March 10, 2014 @12:33PM (#46446983) Homepage
    It's not "Victim Blaming" unless someone attempts to punish the victim. Yelling at an idiot to stop throwing his mone the ground while closing his eyes is not victim blaming.

    See Adrienne Brown, who really was victim blamed.

    Or the poor woman in the Steubenville Rape case.

  • by slapout ( 93640 ) on Monday March 10, 2014 @12:33PM (#46446987)

    Author Diane McWhorter identity was stolen 6 times today

  • by Tom ( 822 ) on Monday March 10, 2014 @12:39PM (#46447051) Homepage Journal

    but what lesson are we to learn from someone who emails lists of passwords to herself?

    That real-world security is very disconnected from the clean and nice scenarios in your books and head, because real users think differently than geeks and do different things for different reasons. Some of them we gloat over and call them Lusers and other deragatory terms, but that's mostly to cover up our own insecurity because most of the Lusers out there have had ten times as many and twice as beautiful women and don't live in their mothers basements anymore.

    Yes, I know that's also untrue. The point is that different people have different skills and while many of the non-techie people do stuff that we techies consider stupid, they could laugh just as much about us in other areas of expertise. Maybe not women, maybe for them it's sports or marketing or making friends.

    So stop gloating and calling people stupid and look at what they can, in fact, teach you. In this case, there's quite a bit to be learned, not the least of which is that passwords are a moronic concept and need to die.

    • by wiredlogic ( 135348 ) on Monday March 10, 2014 @01:08PM (#46447405)

      passwords are a moronic concept and need to die

      There are two ways to implement authentication: Provide a unique token that you have possession of or provide an identifier that you have exclusive knowledge of. Things that you possess can be stolen by taking them (credit card, rfid badge, SecureID). Some things that you possess can't be used universally (fingerprints, iris/retina). Things that you know, however, can't be stolen so long as you keep them in your head. Which is more moronic?

  • by Jharish ( 101858 ) on Monday March 10, 2014 @12:40PM (#46447059)

    Hacker says it's time to stop listening to authors. Especially if they think hacker=computer criminal. It's got as much integrity as saying white people=bankers.

  • by Anonymous Coward on Monday March 10, 2014 @12:40PM (#46447061)

    Things I learned in reading that blabbering op-ed.

    Earthlink is still alive. (shocking, but meh...)
    Author likely uses same password for multiple publically known email accounts. (lacks even the least amount of personal information security training)
    Seems to think Gawker is a respected, um, network. (HAHAHA!)
    Thinks pepole hacking celebrity accounts or high-profile public figures is equivalent to what Snowden and similar whistleblowers do, at least as popularity is concerned. (Err...)
    Mentions term 'white hat' like it's a mythical unicorn. (turtles all the way down....)

    This is like a nail beutician, commenting on the security of a cars CAN bus. I want my 5 minutes back!

  • by Akratist ( 1080775 ) on Monday March 10, 2014 @12:46PM (#46447141)
    There seems to be no end to pinheads like this who run around and pontificate about crap they know nothing about. And, oh, hey, nice try impressing us with how sophisticated you are..."Oooh, look at me! I was at the museum of modern art! I'm ever so much better than you!" And, of course, she is part of the media class which spends a considerable amount of time glorifying violence to bring in entertainment dollars. The reality is that dumbshits like her owe most of their modern existence to "hackers" such as the Royal Society and others who refused to accept what they were told as conventional wisdom of the day and began "hacking" science and the natural world, producing great advances and inventions, and so on. I'll stop the rant now, and just say that useless flapjaws like her are the reason I ignore the major media...reading virtual fish wrappers like her column just wastes time I could spend doing more productive stuff which will actually help improve the lives of people instead of just making me look stupid in front of a national audience.
  • by StripedCow ( 776465 ) on Monday March 10, 2014 @12:46PM (#46447143)

    It is also time to stop glorifying Googlers and Facebookers.
    They should be called voyeurs.

  • by TranceThrust ( 1391831 ) on Monday March 10, 2014 @12:51PM (#46447189)

    A badly written rant containing ill-informed opinions, even when accounting for the author being no `geek', as she puts it.

    The problem is not the `glorification' of hackers (seriously?). The problem is that laws remain outdated to cope with this digital age. The problem is that governments rely on badly protected and badly regulated technologies.

    The problem is not having enough hackers.

  • by seyfarth ( 323827 ) on Monday March 10, 2014 @12:53PM (#46447217) Homepage
    Anyone with a lot of money and little computer security knowledge needs to hire someone to set up their computers and teach them safe practices. It would be worth several thousand dollars to a milliionaire to avoid the sort of problems Ms. McWhorter encountered. Perhaps she is not rich, but she has won a Pulitzer prize for writing. I think she could afford to try harder to be safe. Ideally an operating system should protect the user, but it is practically impossible to write complex software with no errors. People should be suspicious when their operating system comes with a time trial of anti-virus software. The fact that such software exists, makes it pretty obvious that the system is fragile. Ms. McWhorter writes well, but is clearly not a computer security expert. She needs help with her computer and on-line affairs.
  • Dear Diane... (Score:4, Interesting)

    by stox ( 131684 ) on Monday March 10, 2014 @12:59PM (#46447293) Homepage

    If you want to see what real hackers are about, come on down to H.O.P.E. this year, http://www.hope.net./ [www.hope.net] We're just a short walk away from the New York Times at the Hotel Pennsylvania.

    See you there!

  • by Jawnn ( 445279 ) on Monday March 10, 2014 @12:59PM (#46447305)
    ...should not pontificate about "hackers". OK, I'll spot her the inept use of the term, but aside from that, when it comes to cyber security, Diane McWhorter is clearly an idiot. She uses a public mail server to send her passwords to herself, across the Internet, unecrypted, and it's somebody else's fault when such idiotic stunts result in compromised security?
    Ms. McWhorter, It has nothing to do with "glorification". Criminals and miscreants will steal your shit if they can, often just because they can. The motivation doesn't matter. What matters is that they will. What matters even more is that one can, with a few simple steps, drive the likelihood of such a theft down to near zero. So when you fail to take those steps, you are being stupid. Its like never locking your house or your car and then crying foul when someone points out your negligence to you.
    • by TangoMargarine ( 1617195 ) on Monday March 10, 2014 @01:18PM (#46447533) Journal

      Have to say, after reading the first two paragraphs (have "paragraph" and "sentence" always been synonymous in news/paper articles?), I've already come to the conclusion that your comment is 100% accurate.

      I WAS at the Museum of Modern Art in New York not long ago, soaking in Edward Hopper’s retro downer mystique,

      Hmm...elitist art person?

      when I got a call that opened up brave new all-night-diners of doom and gloom.

      Rather inflammatory and blatantly attention-grabbing.

      The editor of thesmokinggun.com, a website that publishes embarrassing documents with headlines like “Man Jailed for Toilet Seat Attack on Disabled Kin,”

      Crass...just from the URL I can already tell that I don't want to know anything about the site because it'll probably depress me.

      had come into some documents of mine, including my Social Security number with birth date, a photograph of me assailing a moth infestation in an elderly friend’s kitchen

      Okay, not that surprising but obviously not fun.

      and nearly all my passwords.

      Aaaaand this immediately sets off my warning bells that you probably did something monumentally stupid in order for this to happen.

  • by JestersGrind ( 2549938 ) on Monday March 10, 2014 @01:05PM (#46447365)

    everyone to get off her lawn.

  • by niks42 ( 768188 ) on Monday March 10, 2014 @01:12PM (#46447441)
    Dayumn .. Somehow they are going to have to change their web site to Makaday
  • by Sponge Bath ( 413667 ) on Monday March 10, 2014 @01:13PM (#46447451)

    I'm a hacker,
    I'm a snacker,
    I'm a mid-night wacker.
    I get my lovin' on the net.
    Ooh, ooh, ooh, ooh

  • by Dutch Gun ( 899105 ) on Monday March 10, 2014 @01:21PM (#46447555)

    Ok, we're going to snicker at someone e-mailing password lists, because we all probably understand that e-mail, by default, is sent in the clear, and is therefore not secure. It's hard for tech geeks to properly empathize with "normals" who just want to get some work done, or surf around on the net and not worry about getting their computer taken over by some malware.

    Honestly, though, it's hard to blame normal users for this. Should a user have to be a computer expert in order to actually use a computer? Some might argue yes, but that doesn't seem too realistic. The fault lies with software developers who blindly rushed features out the door without giving proper thought to the security implications. Microsoft had a really bad habit of this until they made security a significant corporate priority - it's time for Apple to catch up now, as proven by the recent "goto fail" fiasco. The focus has since shifted to softer targets, first Javascript and browser exploits, and then third party plugins as those closed up, such as Adobe products or browser-based Java exploits, and the good time for hackers (no, I'm not going to call them "crackers") is still rolling on.

    Honestly, I'm not sure what the answer is: Probably most casual users should actually move away from fully-powered computers and move toward safer, more locked-down systems like tablets and phones (like they have been). For people not doing serious work or creating actual content, these are more than capable, and are certain safer systems in general. Alternatively, getting set up as a limited account in an operating system with a smaller attack surface like Linux would be fine too. BTW, I don't buy the notion that Linux is inherently safer than Windows (granted, that definitely used to be true) - it's a combination of fewer threats (because it's a less rich target) and configuration options - Windows is also very safe as a limited user account). We've seen plenty of serious security holes in very popular FOSS software, even recently. But people buy computers because they actually want to do computer-like things with them, including running popular software. Limited accounts / locked-down systems are not always feasible.

    One thing I'd love to see is the death of standard login-password mechanisms. It's too much of a burden for both a normal user to both create and remember a secure password, and for the website to keep that valuable user information secret. We've demonstrated again and again and again that eventually a crack will be found and the info will leak. That's why I'm hoping that something like SQRL will eventually see widespread adoption. It's biggest strength is that it doesn't require trusting ANY second or third party with secrets of any sort in order to keep your identify secure (granted, associated data can still be compromised, but your identify can't be stolen at least). It's a very promising system, but we'll see if it catches on - it's sort of a long shot. But for the time being, something like LastPass is the next best thing. Someone needs to tell the author of this article about it so she can stop e-mailing herself password lists.

  • by DaveV1.0 ( 203135 ) on Monday March 10, 2014 @01:51PM (#46447931) Journal
    I don't think I have seen one comment that "Guccifier" did was wrong. But, there are plenty of posts calling McWhorter an idiot, a pinhead, a shithead, etc. and telling her to shut up and that it is her own fault she was hacked.

    Most comments on here are verbally abusing the victim while completely ignoring the person who compromised her account and posted her personal details on line. And, I am willing to bet that if that happened to any of those posting said comments, the victim would want to kill the perpetrator.
  • by meustrus ( 1588597 ) <meustrus&gmail,com> on Monday March 10, 2014 @02:18PM (#46448237)

    Disclaimer: I didn't RTFA, and while I agree with the headline and summary, it's not for the same reasons and I actually have a lot of respect for real hacking.

    I agree that it's time to stop glorifying hackers. Not real hackers that find SSL vulnerabilities, or who hack the mainframe, or who embed assembly in their compiled programs. No, those people deserve all the glory they get (which is very, very little). No, I'm talking about the "hackers" that are always stealing peoples' passwords.

    A figurative 99% of security breaches happen because a password got stolen. That is not hacking. That is stealing a password. It requires no more technical competence than the average user possesses. If you write your password down and throw it away, the garbage man can find it and log into your email. Does that make him a hacker? No, it makes him an unethical, opportunistic garbage man.

    Password security is not equal to computer security. Real hackers compromise computer security, possibly resulting in a stolen password, or possibly resulting in access that renders the stolen password irrelevant. And if someone steals a banker's password and uses it to do things the banker is allowed to do, then there wasn't anything wrong with the computer security.

    That's not to say the user is automatically at fault for the password security. I mean, sure, the user could have handled the password better, but if that user understood that in the first place then there never would have been a problem. Password security is a policy detail. That's probably why it's usually the weakest link. Only the geeks understand enough to design an effective policy, but the geeks don't usually design good policies for non-geeks.

  • ... we don't glorify hackers, we glorify good people doing good things that benefit the common good. It just so happens that some of those people accomplish that goal by hacking.

  • by davydagger ( 2566757 ) on Monday March 10, 2014 @08:39PM (#46451597)
    We glorify much worse in society.

    Our top artist, Jay-Z is a man who made a career spanning over a decade rapping about being a criminal(gangsta rapper), and glorying a life soaked in drugs, loose women, and crime.

    On the other hand, we have movies like zero dark thirty which glorify torture.

    We glorify politicians who lie, cheat, and steal, and we encourage eachother to lie cheat and steal for them.

    When a kid is bullied in school they are generally blamed for being weak, socially unfit, or making themselves a target.

    Most celebrities, the people who we all mimick, do drugs, drive under the influence, sleep around, and act without a care for the rest of us. If we admit we don't like them, something is wrong with us. We re-adjust our social values around them.

    We glorify the press and the news, and when they get caught lying to us, often to assassinate someones character for either social or political reasons, strut around as if their position makes them nobility, and violate each and every rule they tell us they abide by with enough regularity its safe to say they don't exist, we extoll them as the saviors of democracy.

    But yes, its hackers. Hackers are making society a terrible place. If computer break ins where any other field besides computers, it would be socially accetable. If you get take advantage of financially, or make a silly mistake, well its proof the capitalists are smarter than you. If the bank takes advantage of your lack of time to fight them, its because they deserve to prey on the weak. If you break into the bank computers because the same smarty pants bankers are to daft to learn your field, your a terrorist.

    Somehow hackers are glorified? Another shitty op-ed from the NY Times, a fine publication with a long history of clueless op-ed writers, and hideously snobbish double standards.

    I've said this before, and I'll say it again, the NYT is a fine publication, but the opinion editorials are run by a bunch of smarmy yuppie shitheads without any real vantage point in society.

Stinginess with privileges is kindness in disguise. -- Guide to VAX/VMS Security, Sep. 1984

Working...