The Greatest Trick The Government Ever Pulled Was Convincing The Public The 'Hacker Threat' Exists
from the the-2nd-was-continuing-taxation-long-after-representation-ceased-to-exist dept
The US government is already fighting wars on several fronts, including the perpetual War on Terror. "War is the health of the state," as Randolph Bourne stated, and the state has never been healthier, using this variety of opponents as excuses to increase surveillance, curtail rights and expand power.
Bruce Schneier highlights a piece written by Molly Sauter for the Atlantic which poses the question, "If hackers didn't exist, would the government have to invent them?" The government certainly seems to need some sort of existential hacker threat in order to justify more broadly/badly written laws (on top of the outdated and overbroad CFAA). But the government's portrayal of hackers as "malicious, adolescent techno-wizards, willing and able to do great harm to innocent civilians and society at large," is largely false. If teen techno-wizards aren't taking down site after site, how is all this personal information ending up in hackers' hands? Plain old human carelessness.
According to the Privacy Rights Clearinghouse, the loss or improper disposal of paper records, portable devices like laptops or memory sticks, and desktop computers have accounted for more than 1,400 data-breach incidents since 2005 -- almost half of all the incidents reported. More than 180,000,000 individual records were compromised in these breaches...By comparison, only 631 breaches were attributed to actual hacking, or at least hacking as it's portrayed by the government. Private entities aren't very worried about being hacked either, at least not from the outside. Their main concern, according to the Privacy Rights Clearinghouse, is "inside jobs" by disgruntled employees.
Nonetheless, the narrative advanced by the government (and passed along by the largely credulous mainstream media) of unstoppable hackers and their omnipresent threat to major companies, the government itself, average Americans and underlying infrastructure, continues nearly unimpeded. This narrative is essential to those in the government who wish to justify large-scale surveillance of anything and anyone connected to the internet. The scarier the image, the more it can get away with.
It is the hacker -- a sort of modern folk devil who personifies our anxieties about technology -- who gets all the attention. The result is a set of increasingly paranoid and restrictive laws and regulations affecting our abilities to communicate freely and privately online, to use and control our own technology, and which puts users at risk for overzealous prosecutions and invasive electronic search and seizure practices. The Computer Fraud and Abuse Act, the cornerstone of domestic computer-crime legislation, is overly broad and poorly defined. Since its passage in 1986, it has created a pile of confused caselaw and overzealous prosecutions.We've seen the overzealous prosecution and expressed disbelief and amazement at some of the interpretations of this outdated law. (Amazingly, Sauter's post was written before the most recent cases of overzealous prosecution.) And instead of fixing the CFAA, legislators are actively working to make it worse, even as overly-broad cybersecurity legislation is being negotiated in secret.
The "modern folk devil" image has become part of the mass consciousness. Anonymous and its various offshoots roam the internet, at turns wreaking havoc and helping the oppressed, like an electronic manifestation of Loki, the Distributed. These activities are duly reported by the media in ominous tones, further driving home the image of the hacker at Millennial Public Enemy No. 1. The acts and the perception of the damage caused by this hacking are miles apart, as is perfectly illustrated by xkcd.
Many members of the American public are already convinced something should be done about hackers. Many of our representatives feel the same way. A lack of knowledge of the underlying technology, much less the methods or culture, hasn't deterred legislators from crafting an overbroad response with the CISPA bill. Examining the issues more closely or reconsidering the legislation doesn't seem to be an option. After all, a "cyber Pearl Harbor" is all but inevitable, a conclusion confirmed by shouting "HACKER!" in the halls of Congress and hearing it echoed back by like-minded representatives, sympathetich government agencies, the media and a subset of the American public.
In the effort to protect society and the state from the ravages of this imagined hacker, the US government has adopted overbroad, vaguely worded laws and regulations which severely undermine internet freedom and threaten the Internet's role as a place of political and creative expression.The endgame is more control, and the "hacker" provides an ominous, omnipresent threat that, because of the hacker's naturally secretive nature, can neither be confirmed or denied with any veracity. Much like the War on Terror, this War on Hacking takes rights from the American public, carves out huge chunks and sends the gutted remains back to citizens in a package marked "Safety."
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cispa, cybersecurity, fud, government, hacking
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
22 year old tackled by a concerned citizen for "suspiciously" running away from a bomb blast in Boston. Anyone who looks Muslim and runs away from a bomb blast has to be a terrorist.
Who else would do such a thing?
[ link to this | view in chronology ]
Re: Re:
I disagree. It was a great trick, but terrorists can actually pose a real physical threat to large numbers of people. Hackers can't. So hackers was the greater trick.
Of course, it's all really the same trick over and over, with different boogymen. Remember when it was communists, then anarchists?
[ link to this | view in chronology ]
Re: Re: Re:
The 20th century was about the systematic destruction of the groups opposing laissez-faire capitalism. Once we had those posts taken over, the government was next. Now it's the public because they shouldn't be informed of what a computer can do in finding out information.
I hate that our government has been co-opted by people with reactionary responses to issues, but it's not going to get better if people ignore the policies and politics that are in play.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Furthermore, many of the abilities shown by hackers and techies on these shows are grossly exaggerated, compared to what is physically possible in the real world.
[ link to this | view in chronology ]
Re: Re:
I do not support brining down web pages and such, but if there is a hole they really need to pay people to fill it. It's sad that Hollywood has such a close connection to the DOJ.
[ link to this | view in chronology ]
Re: Re: Re:
Oh wait...
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Hackers was the over the top with the pretty much every bit of it.
[ link to this | view in chronology ]
Re:
Not to mention "Skyfall," which has some of the worst depictions of "hacking" I've ever seen (though it's still a good movie).
Frankly, I've never seen a depiction of hacking in a film that was even halfway accurate... probably because it's boring.
Also, the real way to "hack" systems isn't through computer programming; it's through social engineering. Of course, saying "you got hacked because you acted like an idiot" doesn't scare people enough to enforce bad laws, so...
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
You'd have to take on a lot of American history, starting with the founding of the country, if you want to argue for that one.
People organize. There's always some form of government. Even at the micro level there are families and tribes, which are forms of government.
[ link to this | view in chronology ]
Does the public need government?
Small tribal villages can get away with only minimal oversight, but large ones end up having internal strife as factions form and then wage war on each other. That's part of the purpose of spectator sports.
But yeah, that whole monopoly-on-force thing, where if you disregard the basic rights of another, law enforcement detects the infraction, arrests you and brings you to justice, is an important role.
Not that this is what we have anymore, now that the DoJ is conspicuously pro-rich and anti-poor. This isn't a situation that will sustain itself.
[ link to this | view in chronology ]
Re: Does the public need government?
Commons Has Expanded, Not Shrunk, Over Past 200 Years | On the Commons: "If you had asked the person next to you in New York or virtually any other city for a drink of water in 1825, they would have had a predictable response: go buy your own. ... Water, safe and dependable water, was a private responsibility. ... It was only after a cholera epidemic and a fire that political will expanded to create one of the nation’s first public water system."
Think Those Chemicals Have Been Tested? - NYTimes.com: "Pharmaceutical companies used to be able to sell drugs with minimal prior testing, but that changed after a drug called Thalidomide, given in the 1950s to pregnant women for morning sickness, was found to cause severe birth defects the public outcry helped push the medical field to take a precautionary approach to introducing new drugs."
[ link to this | view in chronology ]
Hackers are minor alongside Microsoft.
Your title is false besides stupid. This doesn't even come close to "Greatest Trick The Government Ever Pulled" -- too many bigger to list, but just the ginned-up war against Iraq that didn't attack the US with the WMD they didn't have exceeds it by millions of times.
[ link to this | view in chronology ]
Re: Hackers are minor alongside Microsoft.
So, yes... I *would* agree that this will be the greatest trick. It will be the trick where WE are bamboozled into giving up our rights, rather than bamboozled into war.
[ link to this | view in chronology ]
Re: Hackers are minor alongside Microsoft.
As much as I hate Microsoft, I have to point out that they were partly responsible for the democratization of the PC.
Had it not been for them, you would probably still be paying thousands (plural) of bucks for a mediocre PC.
So it wasn't all bad. Certainly not as bad as the rogue financial institutions who wrecked the economy or Big Oil that wrecks the economy AND the environment.
[ link to this | view in chronology ]
Re: Re: Hackers are minor alongside Microsoft.
True, but that was in the BeforeTime. Microsoft has long since used up the goodwill that they accrued from those halcyon days.
This is certainly not true. Cheap PCs aren't a result of Microsoft. If Microsoft never existed, you'd probably be using PCs not much different than what we have now, except they wouldn't be running Windows.
[ link to this | view in chronology ]
Re: Re: Re: Hackers are minor alongside Microsoft.
This is certainly not true. Cheap PCs aren't a result of Microsoft."
Moore's law might have something to do with cheaper PCs. Windows licenses led to a decade of a "Windows tax" that led to billions(plural of bucks)
wasted in Microsoft profits. Microsoft licenses required royalties from OEMs foreach computer sold, whether or not the unit actually contained the Windows operating system.
Accidental Empires only wastes a chapter on Microsoft:
http://www.cringely.com/tag/accidental-empires/
The first PCs used a cheap cpu found in micro wave ovens- These PCs uses CP/M , an operating system developed by Gary Kildall:
http://www.youtube.com/watch?v=ZV5eQZLIgOM
" If Microsoft never existed, you'd probably be using PCs not much different than what we have now, except they wouldn't be running Windows."
OSX,Linux or Android? Resources might not have been wasted on Wintel.. We might have moved on to ARM Risc-based processors sooner:
http://en.wikipedia.org/wiki/Reduced_instruction_set_computing#RISC:_from_cell_phones_to_ supercomputers
[ link to this | view in chronology ]
Re: Hackers are minor alongside Microsoft.
I am no MS fan (Linux FTW) but your rant is, as usual, nonsensical.
[ link to this | view in chronology ]
Re: Re: Hackers are minor alongside Microsoft.
It's a rare OOTB moment you just commented on.
[ link to this | view in chronology ]
Re: Re: Re: Hackers are minor alongside Microsoft.
[ link to this | view in chronology ]
Re: Re: Re: Re: Hackers are minor alongside Microsoft.
However, by including it for free on their operating system they did not have to pay royalties to Spyglass, which resulted in a lawsuit and a US$8 million settlement on January 22, 1997.
Although not included, this software can also be installed on the original release of Windows 95.
Internet Explorer 1 is no longer supported, or available for download from Microsoft. However, archived versions of the software can be found on various websites.
[ link to this | view in chronology ]
Re: Re: Re: Hackers are minor alongside Microsoft.
Your technical facts are as solid as ever:
"Spyglass licensed the technology and trademarks from NCSA for producing their own web browser but never used any of the NCSA Mosaic source code. Microsoft licensed Spyglass Mosaic in 1995 for US$2 million, modified it, and renamed it Internet Explorer"
http://en.wikipedia.org/wiki/Mosaic_(web_browser)#Background
Unless you're going to claim that spending millions on a licence in order to develop a version of the software you licenced is "making a blatant copy" (like your beloved Apple does all the time), then your facts are wrong.
"It's a rare OOTB moment you just commented on."
Not really. He tried to derail the thread with some silly distraction, then went full retard at the end with crap that has nothing to do with the issue being discussed. It looks par for the course to me.
[ link to this | view in chronology ]
Re: Re: Re: Re: Hackers are minor alongside Microsoft.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Hackers are minor alongside Microsoft.
Do you have a point, or are you just going to link to more sites that back up my facts rather than your version of them?
[ link to this | view in chronology ]
Re: Re: Re: Re: Hackers are minor alongside Microsoft.
[ link to this | view in chronology ]
Re: Re: Re: Hackers are minor alongside Microsoft.
I think it's an unfair characterization to say that IE is a blatant copy of Mosaic.
But that aside, why would Apple fans in particular be upset by it?
[ link to this | view in chronology ]
Re: Re: Re: Re: Hackers are minor alongside Microsoft.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Hackers are minor alongside Microsoft.
In any case, I was really just curious as to why the provenance of IE would hold any special interest to Apple fans. I would have thought that it would be something that holds little meaning for them at all, since Apple wasn't involved.
I'm thinking that my knowledge of the history of the two companies may be incomplete since I can't connect those dots.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Hackers are minor alongside Microsoft.
Having said that, I'm not exactly sure what Wally's point is here, except to try and launch some half-assed potshots at Microsoft. There's a lot to criticise Microsoft for, but IE1 is small potatoes is the larger scheme of things. If he doesn't want to go for the later antitrust issues with IE, he could at least go for the DR-DOS/AARD code and Wordperfect fiascos (in both cases Microsoft apparently introduced incompatibilities and/or misleading error messages into Windows 3.1 and 95 respectively, in order to falsely imply that competitors' products would be incompatible).
[ link to this | view in chronology ]
Re: Re: Hackers are minor alongside Microsoft.
You have been fed this MS propaganda.Cheap PCs were the result of open standards or open system architecture (BIOs)- nothing produced by Microsoft.
"What does Microsoft have to do with the threat of hacking"
Microsoft Windows is to computing is what STDs are to sex:
http://m.guardian.co.uk/technology/blog/2010/oct/13/microsoft-security-botnets-fixes
"amo ng the top ten worst burdens on and threats to mankind."
The monopolist has become a parasitic patent troll.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Rather reminds me of 1984 ...
[ link to this | view in chronology ]
Re: Rather reminds me of 1984 ...
At least for two minutes every day...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Have I got the order right
But But But The Germans
But But But The Communists
But But But For The Children
But But But The Hackers
But But But The Indians (you know, the real ones from India)
But But But The Mexicans
But But But The Terrorists
But But But The Hackers
Personnally, I see a trend here...... 50 bitcoins to whoever can predict next years But But But..... from the Congress Critters who seem to be unable to balance a very real budget, but can spend Billions chasing the next boogeyman that was created via FUD.
[ link to this | view in chronology ]
Re: Have I got the order right
He can launch ICBMs with his cellphone!
[ link to this | view in chronology ]
Re: Have I got the order right
But But But The Insurrectionists!
[ link to this | view in chronology ]
Re: Have I got the order right
[ link to this | view in chronology ]
Where the 'h' did that come from? (:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
another great parody of thought from best site since The Onion
don't worry, folks: within a couple weeks there'll be a reason for the "B" story to reappear: "hackers are the new form of power and they are transforming/fixing our whole world for the better, so you get out of the way"
sadly, there will not be a "C" story, noting how often this site and others oscillate between the two, whichever one happens to serve the interests of the day.
nor will there be one reflecting on the way Google, Facebook, and other now-huge corporations specifically look for "hackers" as their #1 form of pre-employment qualification, and how many of those who go on to work at those places self-identified as "hackers" before they "sold out." THEY think hackers are powerful. So do the ex-hackers who go to work for them.
Nor will there be a column reflecting on the fact that because government and corporate secrecy are at an all-time high, in part due to the efforts of many ex-hackers who work for corporations and the military, none of us really know how much damage hackers do or don't do. the govt's hacker alarms might be propaganda, they might be 100% true, and they might be in-between, and nobody on this site actually knows, despite the trolling commentary and stories insisting they do know.
on an editorial note, your link that says it's to a Bruce Schneier column goes to an unrelated story by Doug Bandow.
[ link to this | view in chronology ]
Re: another great parody of thought from best site since The Onion
Hackers aren't powerless, they are just not worth worrying about. The bad stories are true, they are just few and far between, and even most of those are just about people doing regular old boring crime with computers, they aren't usually about super powered techno wizards actually breaching real security and/or doing real damage.
[ link to this | view in chronology ]
Was that Schneier/Sauter link right?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I don't think you linked to the right article by Bruce Schneier. The URL points to the Cato Institute:
"War Is the Health of the State, Redux" By Doug Bandow
[ link to this | view in chronology ]
Re:
I didn't look at the writer....
[ link to this | view in chronology ]
Ridiculous
[ link to this | view in chronology ]
Re: Ridiculous
Yes, they are disruptive to the target. Yes, they can be used to hide real hacks. But a DDOS by itself does not allow unauthorized access, just as a traffic jam outside a bank branch doesn't let a bank robber stroll into the vault.
[ link to this | view in chronology ]
Re: Re: Ridiculous
[ link to this | view in chronology ]
Re: Re: Re: Ridiculous
That would be the sign of a rather sophisticated DDOS.
Anonymous "hijacked" computers with java code on websites (which is to say they participated so long as the site was running on their computer. In some cases they used volunteers. In other cases they tricked unwitting players to hang out on their attack site.
But yours isn't a zombie computer until it has some malicious botnet infrastructure installed.
[ link to this | view in chronology ]
Re: Re: Re: Re: Ridiculous
[ link to this | view in chronology ]
"Many members of the American public are already convinced something should be done about hackers."
... would be the same members who once thought PCs came with a free cup holder.
[ link to this | view in chronology ]
beauty of the baud. We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals. We explore... and you call us criminals. We seek
after knowledge... and you call us criminals. We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for.
I am a hacker, and this is my manifesto. You may stop this individual,
but you can't stop us all... after all, we're all alike.
[ link to this | view in chronology ]
Witchcraft
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Sorting out security info
There isn't really a totally unbiased discussion of actual threat levels.
What I do believe is that there is so much intertwining between government and private contractors that I don't think the government does anything that isn't backed by private enterprise at some level. So if you want to make sense of that connection, follow the money. US government isn't really distinct from private enterprise. It is, these days, often a manifestation of private enterprise and special interests.
[ link to this | view in chronology ]
Re: Sorting out security info
This kind only poses a threat to systems connected to the internet, of course, so it's easy to eliminate them from the national security picture altogether by making sure that no critical systems are connected to the internet. There kinds of hackers are not terribly important. They can cause inconvenience and financial loss, but they can't make airplanes fall out of the sky or blow up nuclear reactors or anything like that.
The second kind are the serious hackers. They primary target systems not connected to the internet (think the Iranian centrifuges, for example). These people know what they're doing, can cause real damage, and are difficult to defend against. They're also rare and usually state-sponsored.
The government is properly concerned with that second type, and their scare-talk is really about them. However, they conflate that sort of hacker with the garden-variety and essentially harmless kind in order to exaggerate the overall threat. This lets them put surveillance measures onto the internet itself. Doing so is not related to legitimate national security, but they can't get people on board by saying what it's really related to: domestic social control.
Does this help clarify the landscape?
[ link to this | view in chronology ]
Re: Re: Sorting out security info
I have no problem with people being wary of "domestic social control." But I always go a step further to point out that I think companies collecting data are facilitating this, directly or indirectly. If that data is being collected, if that data is being sold, and if people don't clearly know what data is being collected about them and how it is being used, then the entire system is inter-related. Trying to cite government as the sole bad guy strikes me as a cover for the lack of systematic privacy.
[ link to this | view in chronology ]
Re: Re: Re: Sorting out security info
You're right about private companies being a huge part of the problem. The government we vote for uses private companies heavily, specifically because private companies aren't restricted by things like the Constitution.
[ link to this | view in chronology ]
Re: Re: Re: Re: Sorting out security info
Yes, I think the push for privatizing everything gives lots of cover to those collecting and using data. If citizens protest the government, just have those functions done by private companies that want to do away with any restrictions/regulations on their actions anyway. We replace a semi-regulated system (government) with a totally unregulated system (private enterprise).
[ link to this | view in chronology ]
THIS is the issue
Google Glass and the emerging Glasshole culture | ZDNet: "With Glass, because the device is being worn and there's no indication of when it is being used, one has to assume that the wearer is recording everyone all of the time."
[ link to this | view in chronology ]
Something to comment on
The USA Gov. wishes to monitor TONS of information in every direction on the NET. Yes there are back doors to many systems and sites, and DONT think that your Privacy is secure.
There are OLD hat ways to make things secure, but those ways of doing things have been passed up for Quick and DIRTY programming, with HOLES IN IT.
The, Partly SMART, computer user is and can be more protected then the Gov./corps for many reasons. We can CHANGE things faster..We can FIX things faster, we can go out and evaluate programs. The Gov/Corp has to install this on MANY system inside there WHOLE system, not just 1-2 computers.
Difficulties come when the GOV wishes to WATCH us. it has to get the Corps to put MORE HOLES in our net and on our computers..HOLES are not good things. MS installed a CERTIFICATE system into their system to Check sites and servers..Problem: it cost $99 per year to get one, and the hackers Bought a few and found the coding.. Found that it allowed the site to INSTALL anything, because it was Certified..
If you want NETWORK security you dont allow access to your MAIN SERVER. This is a OLD known idea. Anything thats needed to be INPUT must be Scanned MANY times(in different ways) before you allow it on the system. You scan the software for Virus Bots, and then the Code to see if its PROPERLY WRITTEN, then you run it on a auxiliary system and EMULATE what it will do. (esp on/for critical system)
AND the biggest thing...BACKUP BACKUP BACKUP..1 backup isnt enough. AND you TEST your backup. its very time consuming. it requires EXTRA hardware and money..
[ link to this | view in chronology ]
Typical citizens' impression is probably from the movies, too. But at least they don't get to make laws based on that "knowledge."
[ link to this | view in chronology ]
[ link to this | view in chronology ]
By the numbers....
While you're at it, look up the number of TSA agents that are convicted sex offenders.
[ link to this | view in chronology ]
[ link to this | view in chronology ]