The truth about hacking is in the eye of the beholder
The gunfight at the O.K. Corral, the apex of the wild, wild west, lasted 30 seconds. I dare you to find a single movie version of the shootout that lasts just half a minute.
In the inaugural issue of the Kernel, the Daily Dot’s weekly Sunday magazine, we took a deep look at the state of hacking. One thing is obvious, to me at least, from the special report: when most of us think about hacking, what we imagine is as highly distorted a version of reality as any of those film treatments of the O.K. Corral.
And those fantasies likely tell us more about ourselves than they do about the world of hacking itself.
The world of hacking is surprisingly lo-fi.
In the words of one cybersecurity expert, “only amateurs attack machines; professionals target people.” Put another way, at the high end, identity theft is not about sophisticated technology, but about simple confidence schemes. It’s not elaborate programs that crack codes, but simple ruses—an email that seems to come from a close friend or colleague, a request to verify the information at your bank—that identity thieves rely on. A great hacker, said Gregg Housh, an activist and technical consultant on hacking, is ultimately a “good social engineer.”
Similarly, our exclusive look into the FBI sting operation that took down the United States’s most-wanted hacker and cyber criminal, Jeremy Hammond, reveals that they did not rely primarily on any compromised machine, but on the soft skills of a confidential informant. Despite carefully protecting his identity, what brought down Hammond were a few hints he dropped about himself as a person: where he lived, that he was a “freegan” (someone who scavenges for his food), etc.
Those clues led investigators to piece together Hammond’s identity and put him under surveillance (as in, a guy in a car across the street from his apartment, not a keylogging program on his computer). It was all far more Maltese Falcon than Hackers.
We shouldn’t really be surprised, when the law treats so many aspects of cyber crime as if it were 1986 (a year after Back to the Future came out, in case you’re having trouble remembering what that was like). That was the year that the Electronic Communications Privacy Act was passed—a law that has largely gone unupdated. At the time, email services could only store about two dozen emails. (When was the last time you had 24 emails? You “Inbox 0” jerks don’t count.)
Are hackers criminals or folk heroes?
Vivien Lesnik is the director of upcoming documentary The Hacker Wars, which tracks the prosecution of the three most prominent post-WikiLeaks hacktivists. “In a sense,” she said, “my film is about the co-opting of the fourth estate and the rise of the fifth.”
Lesnik clearly admires her subjects and views them as freedom fighters—they are the modern-day Billy the Kids. She hopes her own film will “make a glitch in the matrix.”
On the other hand, many hackers’ works are not so truly altruistically motivated. One of the most dangerous cyber surveillance tools in existence today was originally created to help people cheat at Halo. Since then, it’s not only been used to co-opt a Miss Teen USA’s webcam to take nude pictures of her, it’s been used by the Syrian government to keep tabs on and feed misinformation to the rebels.
Given that we’ve had outlaw heroes since at least the days of Spartacus, I suppose we shouldn’t be surprised that we romanticize cyber crime, whether that idealization is in terms of excitement or virtue.
At base, the romanticization itself relies on our fascination with crime, as do movies about the wild west or the mob. These criminal milieus are the proxies for our frustrated ids. Our romanticized visions are the fantasies of our own secret desires loosed unfettered upon the world.
Hacking is less whizbang and more human than we’d like to think. To those of us with less technical skill, hacking turns out to be more relatable for being a human, rather than technical, phenomenon. The humanness of it also illuminates the fact that it relies on the foolishness of its victims as often as it does on obscure technology. In a sense, the victims, as in any good con movie (e.g. The Sting) are complicit in compromising themselves.
We are even further complicit at the level of governance. At times, the line between freedom fighter and outlaw is as thin as the line between tyrant and protector, and our Wyatt Earps and Doc Hollidays—Jeremy Hammonds and Andrew “weev” Auernheimers—exist a bit on both sides of that line.
In turn, the rest of us are part of a system that is so dysfunctional that we have failed to even update the laws on email since 1986. When the system fails, it creates an imperative to act outside of it—usually with less than ideal consequences. For every George Washington, history offers a dozen Fidel Castros, and a hundred Mullah Omars. So long as we accept that failing system, then we are creating the conditions that give rise to the freedom fighter criminal—and we will have to deal with the consequences of that.
Whenever we tolerate living in Gotham, we are going to get Batman if we’re lucky—Harvey Dent, if we’re not.
From the trenches
This week the Daily Dot launched its weekly Sunday magazine, the Kernel. Each issue of the Kernel will be an in-depth, special report on a topic of importance to the Internet community. As you might have noticed, the first issue is a look at the state of hacking.
This is an important step for us in further developing our mission to inform active members of Internet communities. Each day, the Daily Dot covers the Internet with breadth and depth, but there’s a distinct type of understanding that comes from taking a moment to focus on something specific and consider it from all angles.
So far the reception has been great, and if you haven’t taken a look yet, I hope you’ll check it out. I’d love to know what you think of it, and I hope that we can be part of your Sunday morning routine, along with a good pot of coffee and pancakes.