WikiLeaks, freedom, and the battle of words

WikiLeaks cyberwar: Hackers bring down Swedish government site (The Telegraph).

Now that is a headline to grab your attention with those glitzy buzzwords “cyberwar” and “hackers”.  Even Carole Theriault, a senior security consultant at Sophos, a multi-national computer security firm, is quoted as saying:

If the big companies weren’t locking down their information before, they’re definitely doing it now.

This is really unprecedented and Amazon could be next.

… Hacking is illegal and it’s not just the companies which are the victims of this, it’s also the people who are trying to use their services to shop and the sellers of those items who can’t sell them.

Now I’d like to look at this quote in more detail, so let us break it down:

If the big companies weren’t locking down their information before, they’re definitely doing it now.

Imagine your data is a car which you’re parking on a street that has everything from multi-national corporations to drug dealers and pimps, let’s call that street “The Internet”. Now I’m guessing that most of us would close the doors and lock the car, set the alarm if we’ve had one installed, maybe even go back and check a few times (I can’t be the only one), because we know the cost of locking the door is far less than the cost of replacing the car.  Now here’s my problem with the above statement, big companies have not been locking the car, some of them haven’t even been closing the doors and yet when they come back and find the car has been broken into and the change in the glovebox has been taken they blame everyone but themselves.  When the British government lost public data by leaving laptops on trains, etc. they blamed the forgetful peon who dropped the ball and did not appear to question why someone was carrying such critical data in such an insecure manner in the first place.  We seeing a similar media frenzy now around the persecution of the WikiLeaks website rather than the more interesting question as to why the United States allowed so much critical and private data to be stored so insecurely that a single person could easily remove so much information.

This is really unprecedented and Amazon could be next.

Well DDoS attacks happen pretty frequently, what is unprecedented is the media interest in the case.  I agree Amazon could be next since the group is targeting organisations involved in the case, and Amazon dropped their contract to host the WikiLeaks website.  So guessing that the group might target another major involved party isn’t rocket science.

Hacking is illegal…

Okay here we’re not using the dictionary to it’s fullest are we, and some clarification is needed.  Let’s take a look at how Merriam-Webster define hacking:

Definition of HACK
transitive verb

  1. to cut or sever with repeated irregular or unskillful blows b : to cut or shape by or as if by crude or ruthless strokes <hacking out new election districts> c : annoy, vex —often used with off
  2. to clear or make by or as if by cutting away vegetation <hacked his way through the brush>
  3. to manage successfully <just couldn’t hack the new job> b : tolerate <I can’t hack all this noise>

intransitive verb

  1. to make chopping strokes or blows <hacked at the weeds>; also : to make cuts as if by chopping <hacking away at the work force> b : to play inexpert golf
  2. to cough in a short dry manner
  3. loaf —usually used with around
    1. to write computer programs for enjoyment
    2. to gain access to a computer illegally

So hacking isn’t illegal in most usages of the word.  Even in the realm of computers most hackers are just people who write computer programs, or in a broader sense people who modify electronic systems to perform tasks beyond which the system was initially designed for enjoyment.  In this sense I would describe myself as a hacker.

What the media describes as hacking is the criminal act of gaining access to a computer system illegally.  Again, the key words here are “criminal act” and “illegally” since many hackers are gainfully employed to use their skills to try and break into computer systems for governments and corporations to test the security which is in place.

What is the purpose of this rant?  Well, it is three fold:

  1. Governments, companies, and private individuals need to think more about how their data is stored, and how they secure it.  For too long it has been easier to blame the individual attack rather than the massive security oversight.  This impacts every one of us, because when your personal information gets left on a train, stolen by a disgruntled employee, or accidentally mailed to the wrong person (aren’t governments great), it will be each of us individually footing the bill to prove we are who we claim to be and that the problem was not caused by us.
  2. “Hacking” is not illegal.  “Hacking into a computer system with criminal intent” is illegal.  Society needs to understand this, since the continued negative image of hackers in the media encourages a neo-Luddite approach to technology and that in turn leads to the kind of data issues described in #1 above!
  3. “Don’t shoot the messenger” – I agree that WikiLeaks was not wise in publishing all this information without some form of fact checking or review.  However, it is vital the members of the public be able to blow the whistle on unfair practices and WikiLeaks performed a useful task in providing a credible location for this.  The problem here is that instead of releasing just information pertaining to wrong-doings (I agree that details about the Blair/Brown British Government’s dodgy dealings over the Lockerbie Bomber’s release should be made public, we need to know how corrupt our political ministers can be) but embassy communications are out of the public domain for a reason, and where they do not specifically unveil a wrong doing they should not be released for no reason.  In this instance the media frenzy around WikiLeaks seems bizarre, if one wrote a threatening letter one wouldn’t expect the authorities to hunt down the typewriter!

Now the big question I find myself pondering is this: Did the US citizen who stole the information and published it on WikiLeaks commit an act of treason?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s