Hacked Off

Jeff Taylor | From the May 2000 issue

When is a "hacker attack" not a hacker attack? When it's done by wannabes too dense to be hackers.

That seems to be the case in the assaults on several high-profile e-commerce Web sites in February. EBay, Amazon, and a few other vendors had to go offline after cyber-vandals monkeyed with their systems and clogged those sites with phony electronic traffic. While damage was done, such antics don't qualify as true hacks: The systems were never actually penetrated or turned "rogue." For the targeted sites, these attacks were more like being on the receiving end of a flurry of crank phone calls. Your line is tied up by the pranksters and people you want to talk to can't get through. Imagine you run a business dependent on phone orders and real money can be lost.

To complete the analogy, our phony callers would have broken into someone else's house and used their phone to harass you. This makes them hard to catch.

Net culture even has a term for those who engage in this sort of vandalous pseudo-hack: script kiddies. Of course, if the mainstream media were to lead their reports with that phrase, the average American might think the Net is under attack from Hollywood child stars. So hackers it is.

As with most break-ins, this sort of attack can usually be deterred with better locks. But better locks mean better security, and that means doing things that bother both the official privacy lobby and national security organs.

Last year, both Intel and Microsoft were branded evil snoops for shipping products with ID codes embedded in them. Truth is, individual users will likely always find ways to defeat ID codes and surf anonymously. But for large organizations with lots of excess computing power and Net connections–the ones our script kiddies love to "zombify"–user authentication should be part of a total security package.

The other part of security means treating information on any large system as valuable by encrypting it. That is the equivalent of hiding sharp objects and fragile knick-knacks from toddlers. Webmasters are just now catching onto how the use of encryption can make the script kiddies' task that much tougher.

Indeed, more than anything, these attacks show that the U.S. government's long war against powerful encryption has kept such tools out of the hands of exactly the wrong people: One of the programs thought to have been used to launch the attacks uses encryption to mask what it is doing.

Start your day with Reason. Get a daily brief of the most important stories and trends every weekday morning when you subscribe to Reason Roundup.

NEXT: America Celebrates Earth Day 1970—for the 31st Time

Hide Comments (1)

Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.

nfl jerseys 13 years ago

kcxy

Please log in to post comments

Hacked Off

Latest

SCOTUS Weighs the Risk of Presidential Timidity Against the Risk of Presidential Impunity

Texas Public Colleges Crack Down on Peaceful Anti-Israel Protests

NOAA Billion-Dollar Weather Disasters Are Not Evidence of Climate Change

Judge Acquits Backpage Co-Founder Michael Lacey on Most Counts

Greenpeace Crusade Will Blind and Kill Children

Recommended

Login Form