Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Myth of the Superhacker

Posted by CowboyNeal on from the scourge-of-the-internet dept.

mlimber writes "University of Colorado Law School professor Paul Ohm, a specialist in computer crime law, criminal procedure, intellectual property, and information privacy, writes about the excessive fretting over the Superhacker (or Superuser, as Ohm calls him), who steals identities, software, and media and sows chaos with viruses etc., and how the fear of these powerful users inordinately shapes laws and policy related to privacy and digital rights."

5 of 305 comments (clear)

  1. Re:interesting, amd maybe not surprising by DynaSoar · · Score: 2, Interesting

    I could easily say the same thing about the people I encounter in science. In particular, the author of this article. In TFA, he defines his term and then deconstructs his own definition. An imaginary straw man. In his linked article on DRM, he calls it empirical despite the fact it's a survey. He draws conclusions despite his admission that it was not statistically significant. It's easy to pull science out of your ass and call it empirical, and apparently to get attention for it, when you're presenting it to an applied technology field. It's a lot harder to do when you're working in an experimentally oriented field.

    As for the people you're encountering, and the people he's talking about, they're not the same. You won't encounter the people he's describing working for an IT department, supporting users who don't know their ASCII from a hole. If any did happen to be working in your organization, you probably would never hear anything from them because they'd fix their own problems. And if you did hear from them, they'd know not to let on how much they know.

    --
    "I may be synthetic, but I'm not stupid." -- Bishop 341-B
  2. Re:Ah, just call me... by ez76 · · Score: 5, Interesting
    It is a foregone principle in developing secure systems, that you have to assume every user is the "superhacker" and cannot be trusted.

    It doesn't take much reasoning to show why this must be the case.

    So why is Ohm resistant?

  3. Re:From 'The Usual Suspects' by PitaBred · · Score: 2, Interesting

    http://www.cs.helsinki.fi/u/hprajani/phun/god-v-sa tan.png

    Screw that. Give me Satan any day.

    --
    My blog. Good stuff (when I remember to update it). Read it.
  4. Re:Whois Paul Ohm? by digitalhermit · · Score: 4, Interesting

    All it takes is a little ignorance.. There's a saying that goes, "The man with one eye is king in the kingdom of the blind." I'm hardly a guru and know about as much about DNS, TCP/IP, networking and operating systems as the next career IT guy. But it's cool how things get started..

    At one company I was asked to "break into" a Windows machine. The previous user had left and only he had the password. He was not on speaking terms with the company. Luckily, the user had given me the password to another system. Even luckier, he used the same password. So after about fifteen minutes of making myself look busy, I tried his password and got in. No one asked how I was able to get in; everyone assumed that I was able to hack the system.

    At another company there was a dusty router that sat in a rack. One day it stopped working. They'd tried power cycling it (their usual troubleshooting step), but that didn't work. So I went in, unplugged it for a few minutes, plugged it back in. I was looking through the manual for a troubleshooting guide when someone comes over and congratulates me.

    Richard Feynman had a similar story but it involved safe cracking. And most people know the joke about the plumber, the punchline being, "but knowing where to hit costs $300." Forget the latter, it's not relevant...

    Anyhoo, the point I'm making is that it's easy for people to mistake dumb fool luck and bullshit for real expertise. I know this firsthand.

  5. Re:Ah, just call me... by Anonymous Coward · · Score: 2, Interesting

    Maybe we should be more concerned about the news media and Hollywood romanticizing the image of the "Super Hacker". This tends to lead to situations where 16-yr old kids are being sent to jail for nothing more than digital vandalism because they believe it "looks" cool. Not only did they do something unethical, you know that they obviously found instructions on how to do it if they didn't even know enough to cover their tracks.
    The author also has an excellent point with respect to how laws have changed as the above mentioned individual (Google "Daphne High School Hacker Alabama") will be prosecuted for a federal crime and a felony---for deleting data from a high school grading system---that was backed up. Does THAT punishment fit the crime when murderers and rapists are still prosecuted at the state level?
            Federal crimes require that you do 80% of the time before being considered for parole...state crimes are almost to the opposite extreme.
    Just my 2 cents....Great topic by the way.