Nous Défions Tout
Hackers continue to be catalysts for change, scapegoats for every imaginable problem, and an unending source of ratings for news programs and inspiration for movie plots. Lately, though, this atmosphere has really been in high gear.
It doesn't help lessen the volume when every time a computer system is compromised or falls apart due to its own flimsiness that hackers are the ones deemed responsible. Hackers even get blamed when such scenarios are averted ("were it not for the investigation by this intrepid reporter, hackers could have been able to steal your identity..."). We need to all face the fact that there are lots of people out there with agendas who also happen to know how to use computers. While hackers can figure out tricks and security vulnerabilities (as well as figure out how to fix them), it doesn't take that same ingenuity to simply apply them en masse to target systems. It's simply an end user attack using hacker tools. Most anyone can do this.
That's why we thought it amusing that last year's attack on Sony was being attributed to an army of hackers from North Korea. First, as we've seen demonstrated often, hackers don't work well in armies. They tend to act as individuals and question all that is around them, which is what makes them good hackers in the first place. Hackers aren't particularly good at following orders, hence the large amount of them who wind up in detention at school and otherwise imprisoned elsewhere in life. (North Korea certainly wouldn't be a great environment for independent-minded hackers to thrive, not to mention that the extremely limited bandwidth into the country would make it a trivial task to cut them off.) Sure, there was hacking involved, but not in the way it was being portrayed virtually everywhere.
The security practices at Sony were unsurprisingly the biggest culprit. This is most always the case whenever you see a massive computer breach. We may never know the full story, but it's clear that way too much access was being given to certain users, far too much private data was being stored in an unencrypted form on a system connected to the Internet, and not enough attention was being paid to potential compromises. Supposedly their system had been owned for months before anyone thought to do anything about it. The company had gone data happy - storing everything and anything they could online and having it all connected to the network. What possible reason would there be to have unreleased movies stored online? Clearly, this just wasn't thought through.
Sony is far from alone in this. It's likely the majority of companies in existence today have serious lapses in digital judgment, keeping things online that should be isolated, going overboard with storing personal data, assuming everything is running smoothly without paying attention, etc. That's the real problem, and it's one that affects all of us because oftentimes that data belongs to us. When a bank or credit card company lets one of its massive databases leak onto the net or into someone else's account, it's our privacy that's the victim - without us having any say.
Above all else, though, when such stories hit the mainstream, beware of the spin that's inevitably attached to them. In the case of Sony's The Interview, there was a lot going on that escaped scrutiny. (We're referring to the ill-conceived movie that focused on the "hilarious" assassination of North Korean leader Kim Jong Un. To put it into perspective, if such a film were to be made with the same exact plot involving one of our leaders, it would probably be considered an act of terror, so it's hard to believe Sony was that surprised by North Korea's lack of enthusiasm for the project.) For one thing, the initial hacking of Sony's network had no stated connection to the production of this rather controversial film. It was only after pundits theorized that maybe there could be a connection that messages related to the film began to be sent from the alleged perpetrators. Everyone involved - from Sony to the intruders to the media - seemed to be latching onto this perceived issue in order to get themselves more publicity. We had a bit of fun with it ourselves, offering to show the movie on our own website when Sony suddenly decided it was too hot for them to touch. Of course, in the end they relented (or went along with their original plan, depending on which conspiracy you believe) and The Interview wound up doing quite well when it otherwise would have been largely ignored.
But another important point was illustrated with all of this, regardless of how we may have been manipulated. No matter how bad or offensive a particular statement, idea, or presentation is, being told you're not allowed to see, create, or talk about such a thing is far worse. In fact, nothing makes such a thing come to life more than turning it into forbidden speech.
This is nothing new to the hacker world. Whenever we're confronted with something we're "not allowed to know," we move mountains to learn all about it anyway. That is the life blood of this publication. Such a mentality extends to the Internet, where censorship is said to be thought of as a network problem that can be routed around. While The Interview got consistently poor reviews, it did well because we were ostensibly told we weren't allowed to see it. Brilliant marketing or the spirit of freedom, perhaps a mix of the two.
We've seen a similar - and far more serious - example of resistance to forbidden expression with the recent tragedy in Paris. Being told one cannot illustrate or disrespect an icon of a religion (in this case, the Prophet Muhammad) is anathema to anyone who truly believes in freedom of speech. In fact, we focused on this very idea in our Spring 1989 issue (detailed more thoroughly in Volume 6 of The Hacker Digest) when author Salman Rushdie had a bounty put on his head by Iran's Ayatollah Khomeini for his writings on Islam. It was no wonder the hacker community at the time took note of this incident. We've never reacted well to being told what we can and cannot say.
In the Charlie Hebdo case, the irony is particularly biting since the victims of this massacre were those who probably felt most passionately about protecting the rights of anyone under assault, whether it be for religious, ideological, or political reasons. They were certainly no friends of the ugly nationalism and religious intolerance that has been springing up in France and other countries, whether as a reaction to this kind of atrocity or because it never really disappeared in the first place. The journalists who were mowed down on that dark day in January represented that part of us dedicated to rebelling against any power attempting to control us through our speech. It's not a Western value or something that is alien to anyone on Earth. It's a human trait. If you tell someone they're not allowed to say something, the very first thing an individual will do is say it, whether out loud or to themselves. It has nothing to do with whether or not they believe it and everything to do with their right to process their own thoughts and reach their own conclusions.
It's easy to point to a case like this because of its magnitude and the perceived culture clash which is being exploited by all sides. But one doesn't have to look far to find an unending supply of other instances of journalists and common citizens being victimized because they asked the wrong question or made the wrong statement. You would be hard pressed to find a regime with the high moral standing to condemn what happened here without their looking like complete hypocrites. Governments, corporations, religions, institutions of all sorts are filled with conflicted statements and positions that simply make it impossible for them to judge their counterparts with any true legitimacy. As individuals, though, we have more power to confront our contradictions, to rethink our philosophies, and to challenge anything we're expected to accept without question.
This is what being a hacker has always been about. We don't fit into the agendas of large organizations and we don't take orders. We're there to challenge the status quo, to mess with the system, ask a million questions, and always try and come up with something different and better. And if you look back throughout history, you'll see that such challenges never come cheap.
