Posts Tagged ‘hacking’

I just got through building myself a new desktop PC.  It’s a combination of the techno and the craftsman — a hot new unlocked 3rd-generation quad-core Intel i5 on a Gigabyte motherboard using the cool Intel Z77 chipset, but without any case.  That’s right, all the boards, cables, fans, and drives are mounted on a vertical wooden spine with nothing around them, hanging out there for everybody to see, bare and uncovered.  Kind of like doing the Bay to Breakers ride in San Francisco: hey, here’s all my stuff, like it or look somewhere else.

But this isn’t about building hardware, it’s about remembering the smug satisfaction I had when I hit the “on” button (an old round brass doorbell button) for the first time and all the engines lit.  I paged through the many Gigabyte BIOS configuration screens and saw all the stuff I could twiddle and reset, it was great.  Digging, getting inside things, looking behind the “user interface” and into the minds of the designers, this makes it all worth while.  Hacking it, making it truly mine.  Works for me, big time.

And in that context, it’s disturbing to see how the term “hacker,” which to me is a good and honorable word , is so often used to describe techno-criminals of the worst sort.  Some crook exploits a known exposure in software that a few idiot users have not patched, and steals passwords or vacuums their bank account, and they cry that they were “hacked.” They really weren’t hacked, they were robbed with a computer after they failed to take the most basic precautions to prevent it.  There is a profound difference between hacking and theft.

I suppose it’s useless to try to stop this wretched misuse of the word, once the general press locks onto a name for something they don’t understand it’s all over but the self-righteous pontification.  But I try; if somebody calls me a hacker I am silently pleased, and I hate to see a perfectly good word turned into a criminal classification.

I recently did find a really good description of what a hacker is, in my terms, and I pass this on for your edification, here.  If you want to hack, here’s the real deal from one of the experts.  What struck me, though, was that one of his suggestions was to become a better and more fluent writer in your own native language, because:

If your writing is semi-literate, ungrammatical, and riddled with misspellings, many hackers (including myself) will tend to ignore you. While sloppy writing does not invariably mean sloppy thinking, we’ve generally found the correlation to be strong — and we have no use for sloppy thinkers. If you can’t yet write competently, learn to.

He also points out that “attitude is no substitute for competence,” which is true to the core, and more surprisingly “develop an analytical ear for music,” and “develop your appreciation of puns and wordplay.”  Guess I’d agree with these, too, from my personal experience.  QED, the essence of being a hacker is no longer to be a reclusive, socially-disabled monomaniac.  Perhaps this reflects the almost overwhelming penetration of technology into our society.  The population of potential hackers is now much larger and includes all kinds of otherwise-normal people.  I’m for it.  Hacking is too much fun and way too important to our national future to be a closed community.

Read Full Post »

Make enough mistakes, and you will pay the price, no matter how much you think you know.  Here’s a good story about such a major hack, which was carried out on Mat Honen of Wired.  It’s worth reading, and reading carefully.

Part of the problem is rather egregiously poor security practices by AppleCare, Amazon, and to a certain extent, Google.  But a big part of the problem was self-inflicted, since Mat wasn’t properly backed up, he linked his cloud-service providers (iCloud and Google) together, he used the same prefix on many different email accounts (yourname@gmail.com, yourname@me.com, etc., you get the picture), and a few other things that made the attack much more successful and more painful.

He does have one key point, which is that cloud services should have higher security requirements than they do now, and that apparently the providers don’t understand that. Just a password is not enough. And as this points out, even the strongest password is useless if the provider’s customer service personnel will hand out your credentials in exchange for very weak authenticators, in this case billing address and last-four of your credit card.

It’s also not a good idea to link cloud accounts to each other, either using the linkages they provide for your use, or by using the same password on all of them.  This is not their fault, it’s yours.

Here’s the story, read it and weep: http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/

Read Full Post »