Slashdot Mirror

← Back to Stories (view on slashdot.org)

Author Says It's Time To Stop Glorifying Hackers

Posted by samzenpus on from the no-praise-for-you dept.

First time accepted submitter Geste writes "Diane McWhorter pleads in this NYT Op-Ed piece that it's time to stop glorifying hackers. Among other things she rails against providers' tendencies to 'blame the victim' with advice on improved password discipline. Interesting, but what lesson are we to learn from someone who emails lists of passwords to herself?"

33 of 479 comments (clear)

  1. Also time to stop by Anonymous Coward · · Score: 5, Insightful

    glorifying actors, sports figures, politicians, generals, soldiers, writers, artists, architects, Canadians, cooks, race car drivers, the old, children, dogs, accountants, spies, computer programmers, cowboys, drug smugglers, and the disabled.

    1. Re:Also time to stop by i+kan+reed · · Score: 4, Funny

      Goddammit, you stole the thunder out of so many potentially good posts, fast-acting AC.

    2. Re:Also time to stop by NotDrWho · · Score: 5, Funny

      Come on now, no one glorifies clowns.

      --
      SJW's don't eliminate discrimination. They just expropriate it for themselves.
    3. Re:Also time to stop by NotDrWho · · Score: 5, Funny

      That's because they think outside the box.

      --
      SJW's don't eliminate discrimination. They just expropriate it for themselves.
    4. Re:Also time to stop by ackthpt · · Score: 4, Funny

      glorifying actors, sports figures, politicians, generals, soldiers, writers, artists, architects, Canadians, cooks, race car drivers, the old, children, dogs, accountants, spies, computer programmers, cowboys, drug smugglers, and the disabled.

      So long as we still glorify the Hypnotoad, I'm cool with that.

      --

      A feeling of having made the same mistake before: Deja Foobar
    5. Re: Also time to stop by Zero__Kelvin · · Score: 3, Insightful

      It took me a while to notice, but your post is what made me realize that most of the people posting here up until now have no idea what a hacker is.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    6. Re:Also time to stop by Ardyvee · · Score: 4, Interesting

      The thing is, there is the general public definition of hacker (ie a criminal), and then there is the definition of hacker by other people that is something along the lines of: somebody who likes to take things apart, exploring the system's limits; an expert on the field. The later definition includes people like the Elf Lord you mentioned, Abby (from the same show), most security consultants, criminals, etc.

      Therefore, his comment is valid for a certain definition of hacker (and most hackers don't reach the news because they are security consultants, or work in IT in a company, or report the issues to the companies who don't go "YOU HACKED INTO MY SYSTEM NEED TO SUE"). And thus: the biggest problem IT people have when communicating with the rest is that neither side really talks the same language. How are we going to communicate effectively and solve issues if we don't really share the same language?

      --
      I don't care if I'm wrong. I only care about everyone obtaining something from the discussion.
  2. You keep using that word by Overzeetop · · Score: 5, Insightful

    Note to the press: "Hackers" doesn't mean what you think is means.

    --
    Is it just my observation, or are there way too many stupid people in the world?
    1. Re:You keep using that word by mwvdlee · · Score: 5, Insightful

      Indeed.

      There's a difference between somebody who takes a list of passwords and abuses it and somebody who finds security issues and reports them responsibly.
      There's also a difference between somebody who it a victim and somebody who gmails list of passwords to herself.

      Oblig. car analogy: The person stealing your car is a "criminal", the owner of that car is a "victim". The person bypassing the lock on his own car and then reporting the issue to the car manufacturer is a "hacker". The person keeping a keychain in her unattended car, with keys of all her properties, conveniently labelled what each key is for and where it can be found, is called an "Idiot".

      One does not preclude the other.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    2. Re:You keep using that word by nomadic · · Score: 4, Insightful

      The commonly-accepted usage of words is determined by the majority. Whatever "hacker" used to mean, it now means someone who bypasses computer security systems to commit crimes.

    3. Re:You keep using that word by lgw · · Score: 4, Insightful

      The difference between "idiot" and "at fault" is huge.

      Users will be idiots. Does any IT admin deny this fact? If your system only protects users who aren't idiots, you're a sorry excuse for an admin.

      Make your system robust against weak passwords. This is not rocket science. If it's something important, use two-factor auth. If not, make account recovery easy - put real thought and effort into it! And for goodness sake, make sure your DB of password hashes doesn't become public - that's all in your hands, and it's completely your fault if that happens, weak passwords or strong.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    4. Re:You keep using that word by fisted · · Score: 3, Insightful

      Since the "majority" has not a faint idea what hacking is, or was, i refuse letting them assign new meaning to words they dojn't understand.
      IOW your argument is stupid.

      --
      CLI paste? paste.pr0.tips!
    5. Re:You keep using that word by Anonymous Coward · · Score: 3, Insightful

      Exactly. This ship sailed a long time ago. Time to give it up. The original meaning of "hacker" is dead. If you use it in that sense, you will only be miscommunicating with the vast majority that uses it in the new sense.

      Seriously people. Let it go. Words change. Many of the words you use now meant something else entirely a hundred years ago.

    6. Re:You keep using that word by Aighearach · · Score: 4, Insightful

      Your system cannot protect the idiots from themselves. That is a trap you fell into somewhere. Most likely you simply agreed it would be nice if it was so. "Yeah, why can't we protect all our users?!"

      This isn't brain science or rocket surgery. The idiots have to have a way to access the system. They will NOT remember strong passwords, they will write them in a stupid place or keep them in gmail with public information as the account recovery. And guess what, you can't control gmail. Put some real thought into it, your idiot users will hand their access away to the first thief, and you can't do much to protect them.

      All you can do is protect your system and try to make anything important difficult enough to access that the idiots can't get in.

    7. Re:You keep using that word by Aighearach · · Score: 3, Informative

      "Hackers" are called Makers now. We lost that language war, but we have a new term now.

    8. Re:You keep using that word by Aighearach · · Score: 3, Insightful

      The commonly-accepted usage of words is determined by the majority.

      While I do agree that whatever "hacker" used to mean is called a "maker" now, you're way off on how word meanings are determined.

      It turns out, each word can have multiple meanings, and all the meanings with common published examples are the real meanings! Wow! Blows your mind, right?

      How can nerds expect the world to believe in our vocabulary if we can't even read dictionaries?

    9. Re:You keep using that word by Rinikusu · · Score: 5, Informative

      I currently have over a dozen passwords I have to keep memorized for accessing various systems (each with their own unique login IDs and passwords), many of which are changed every 3-6 weeks and do stringent checks on previously used passwords. That's just for work, and not including the dozen or so username/passwords I use online in my personal time. Seriously, it's time to rethink passwords because if you don't like that I write all this shit down in a spreadsheet that I print out and stuff in a binder, well, it beats the other guys post-its on their monitors.

      --
      If you were me, you'd be good lookin'. - six string samurai
    10. Re:You keep using that word by RabidReindeer · · Score: 3, Insightful

      You could use a password manager like KeePass, LastPass, PasswordSafe, etc. Is there some reason you don't?

      And even if there is, reconsider it. You can keep a password safe database(s) on a thumb drive handcuffed to your wrist if you want to be really paranoid. The databases are encrypted, but if they're physically tethered to you, you'll have to take them with you instead of possibly leaving them unguarded on your desk.

      The idea of making different apps all have different passwords (as opposed to single signon or a password safe/PIN vault under a master password) may sound secure, but nobody's memory is that good, and the resulting post-its, unencrypted spreadshhets, Windows Notepad files or whatever means that in reality, you may be less secure, rather than more secure.

  3. Time to stop glorifying the NYT Op-Ed by coldsalmon · · Score: 5, Insightful

    Stop falling for the clickbait, Slashdot.

  4. Hackers get no RSPECT by Anonymous Coward · · Score: 3, Funny

    And yea, that's spelled right. In all 57 states.

  5. Blaming the victim? by Anonymous Coward · · Score: 4, Insightful

    Next thing you know we'll stop teaching kids to look both ways before crossing the street because we're teaching people not to drive drunk. But this just isn't how the world works.

  6. Victim blaming by LocalH · · Score: 5, Insightful

    Why the hell is there a trend nowadays to call it "victim blaming" to give people advice on protecting themselves? Is it really such a bad idea for people to do things to protect their passwords?

    I guess telling people to run antivirus is now "victim blaming", too.

    --
    FC Closer
    1. Re:Victim blaming by lagomorpha2 · · Score: 4, Funny

      Don't teach users not to run mysterious .exe files from suspicious people without antivirus software! Teach scammers not to scam!

    2. Re: Victim blaming by N1AK · · Score: 3, Insightful

      Careful, I'm not sure you can see over the top of all that hyperbolic. It isn't impossible for most people to hold the view that crime is bad an should be discouraged and that taking moderate steps to moderate your risk of being a victim is sensible; if you haven't already tried it then I'd strongly suggest giving it a go.

  7. US blame culture. by JustNiz · · Score: 4, Insightful

    So she emailed a list of passwords to herself, didn't bother encrypting it, and kept it in her on-line email account for 9 months, then she's actually surprised when she gets hacked?

    I look forward to the day when America gets back to the point where people start taking responsibility for their own actions again, instead of always looking for someone else to blame (and sue) for their own stupidity.

  8. Author is s twat by scorp1us · · Score: 3, Informative

    He *emailed* himself his own password list then whines when his account gets hacked.
    NO SURPRISE HERE.

    --
    Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
  9. My takeaway.. by Anonymous Coward · · Score: 3, Funny

    Things I learned in reading that blabbering op-ed.

    Earthlink is still alive. (shocking, but meh...)
    Author likely uses same password for multiple publically known email accounts. (lacks even the least amount of personal information security training)
    Seems to think Gawker is a respected, um, network. (HAHAHA!)
    Thinks pepole hacking celebrity accounts or high-profile public figures is equivalent to what Snowden and similar whistleblowers do, at least as popularity is concerned. (Err...)
    Mentions term 'white hat' like it's a mythical unicorn. (turtles all the way down....)

    This is like a nail beutician, commenting on the security of a cars CAN bus. I want my 5 minutes back!

  10. Maybe it's time to take away her soapbox by Akratist · · Score: 3, Informative

    There seems to be no end to pinheads like this who run around and pontificate about crap they know nothing about. And, oh, hey, nice try impressing us with how sophisticated you are..."Oooh, look at me! I was at the museum of modern art! I'm ever so much better than you!" And, of course, she is part of the media class which spends a considerable amount of time glorifying violence to bring in entertainment dollars. The reality is that dumbshits like her owe most of their modern existence to "hackers" such as the Royal Society and others who refused to accept what they were told as conventional wisdom of the day and began "hacking" science and the natural world, producing great advances and inventions, and so on. I'll stop the rant now, and just say that useless flapjaws like her are the reason I ignore the major media...reading virtual fish wrappers like her column just wastes time I could spend doing more productive stuff which will actually help improve the lives of people instead of just making me look stupid in front of a national audience.

  11. Dear Diane... by stox · · Score: 3, Interesting

    If you want to see what real hackers are about, come on down to H.O.P.E. this year, http://www.hope.net./ We're just a short walk away from the New York Times at the Hotel Pennsylvania.

    See you there!

    --
    "To those who are overly cautious, everything is impossible. "
  12. The Song of Their People by Sponge+Bath · · Score: 4, Funny

    I'm a hacker,
    I'm a snacker,
    I'm a mid-night wacker.
    I get my lovin' on the net.
    Ooh, ooh, ooh, ooh

  13. Victims often at "fault", but not their fault by Dutch+Gun · · Score: 3, Interesting

    Ok, we're going to snicker at someone e-mailing password lists, because we all probably understand that e-mail, by default, is sent in the clear, and is therefore not secure. It's hard for tech geeks to properly empathize with "normals" who just want to get some work done, or surf around on the net and not worry about getting their computer taken over by some malware.

    Honestly, though, it's hard to blame normal users for this. Should a user have to be a computer expert in order to actually use a computer? Some might argue yes, but that doesn't seem too realistic. The fault lies with software developers who blindly rushed features out the door without giving proper thought to the security implications. Microsoft had a really bad habit of this until they made security a significant corporate priority - it's time for Apple to catch up now, as proven by the recent "goto fail" fiasco. The focus has since shifted to softer targets, first Javascript and browser exploits, and then third party plugins as those closed up, such as Adobe products or browser-based Java exploits, and the good time for hackers (no, I'm not going to call them "crackers") is still rolling on.

    Honestly, I'm not sure what the answer is: Probably most casual users should actually move away from fully-powered computers and move toward safer, more locked-down systems like tablets and phones (like they have been). For people not doing serious work or creating actual content, these are more than capable, and are certain safer systems in general. Alternatively, getting set up as a limited account in an operating system with a smaller attack surface like Linux would be fine too. BTW, I don't buy the notion that Linux is inherently safer than Windows (granted, that definitely used to be true) - it's a combination of fewer threats (because it's a less rich target) and configuration options - Windows is also very safe as a limited user account). We've seen plenty of serious security holes in very popular FOSS software, even recently. But people buy computers because they actually want to do computer-like things with them, including running popular software. Limited accounts / locked-down systems are not always feasible.

    One thing I'd love to see is the death of standard login-password mechanisms. It's too much of a burden for both a normal user to both create and remember a secure password, and for the website to keep that valuable user information secret. We've demonstrated again and again and again that eventually a crack will be found and the info will leak. That's why I'm hoping that something like SQRL will eventually see widespread adoption. It's biggest strength is that it doesn't require trusting ANY second or third party with secrets of any sort in order to keep your identify secure (granted, associated data can still be compromised, but your identify can't be stolen at least). It's a very promising system, but we'll see if it catches on - it's sort of a long shot. But for the time being, something like LastPass is the next best thing. Someone needs to tell the author of this article about it so she can stop e-mailing herself password lists.

    --
    Irony: Agile development has too much intertia to be abandoned now.
  14. Comments prove the McWhorter's point by DaveV1.0 · · Score: 3, Insightful

    I don't think I have seen one comment that "Guccifier" did was wrong. But, there are plenty of posts calling McWhorter an idiot, a pinhead, a shithead, etc. and telling her to shut up and that it is her own fault she was hacked.

    Most comments on here are verbally abusing the victim while completely ignoring the person who compromised her account and posted her personal details on line. And, I am willing to bet that if that happened to any of those posting said comments, the victim would want to kill the perpetrator.

    --
    There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
  15. So says the NY Times. by davydagger · · Score: 5, Insightful

    We glorify much worse in society.

    Our top artist, Jay-Z is a man who made a career spanning over a decade rapping about being a criminal(gangsta rapper), and glorying a life soaked in drugs, loose women, and crime.

    On the other hand, we have movies like zero dark thirty which glorify torture.

    We glorify politicians who lie, cheat, and steal, and we encourage eachother to lie cheat and steal for them.

    When a kid is bullied in school they are generally blamed for being weak, socially unfit, or making themselves a target.

    Most celebrities, the people who we all mimick, do drugs, drive under the influence, sleep around, and act without a care for the rest of us. If we admit we don't like them, something is wrong with us. We re-adjust our social values around them.

    We glorify the press and the news, and when they get caught lying to us, often to assassinate someones character for either social or political reasons, strut around as if their position makes them nobility, and violate each and every rule they tell us they abide by with enough regularity its safe to say they don't exist, we extoll them as the saviors of democracy.

    But yes, its hackers. Hackers are making society a terrible place. If computer break ins where any other field besides computers, it would be socially accetable. If you get take advantage of financially, or make a silly mistake, well its proof the capitalists are smarter than you. If the bank takes advantage of your lack of time to fight them, its because they deserve to prey on the weak. If you break into the bank computers because the same smarty pants bankers are to daft to learn your field, your a terrorist.

    Somehow hackers are glorified? Another shitty op-ed from the NY Times, a fine publication with a long history of clueless op-ed writers, and hideously snobbish double standards.

    I've said this before, and I'll say it again, the NYT is a fine publication, but the opinion editorials are run by a bunch of smarmy yuppie shitheads without any real vantage point in society.