RE: 'Hacker' is too cutesy a word to describe what's really going on

[InfoSec News <isn () c4i org>]

Forwarded from: "Moyer, Shawn" <SMoyer () rgare com>
Cc: "'jrp () jrparkinson com'" <jrp () jrparkinson com>

J.R. Parkinson spake in http://www.jsonline.com/bym/career/oct02/85638.asp :

> Our national mind-set is what makes mail secure. The same should be
> true for information on a computer. Just because it's possible to
> get at electronic information doesn't give anyone the license to do
> it any more than being able to open someone's mailbox gives anyone
> permission to do that.

Umm... Actually, I don't trust the U.S. mail one bit for any kind of
secured communication, any more than I would trust a poorly-secured
website to honor my privacy or keep my credit card secure. For secure
mail, you use a bonded and insured courier service who maintains a
covenant of securing data and respecting the privacy of the sender and
recipient. For secured web transactions, you vote with your wallet for
companies who have a history of diligence and vigilance in regard to
web security.

As to locks on mailboxes, you seem to have a rather idyllic view of
the world. Anyone who values their privacy would be wise to purchase
one of these:

http://hectorshardware.com/locsecmailex.html

> Society would never tolerate a "United States mail hacker," and
> there is no reason to tolerate a computer hacker.

We don't tolerate computer intruders who steal data or damage systems,
nor do we tolerate people who rifle through private mail. The sad
truth, kind sir, is that both of these happen on a daily basis, both
are reprehensible, and both are preventable with a bit of due care and
the proper security measures.

The real shame is that so many people, even today, are shocked at what
a Big Scary World it is out there, and at what the Big Scary People
will do. Arm yourself, lock your doors, lock your mailbox, firewall
and patch your webserver. Otherwise, you will eventually be in for a
rather rude awakening. I've had my home burglarized twice, and have
dealt with a number of system intrusions in the computer arena. In
none of those situations did I consider myself a poor victim of
malicious "hackers", but rather a victim of excessive trust if not
downright negligence.

> Clear and accurate communication is essential for business to be
> successful. In a past column, I quoted my first-grade teacher, who
> often said, "Say what you mean, and mean what you say."

That's deep. Really, it is. I would add this from ol' Sam Clemens:
"Better to close one's mouth and be thought a fool than to open it and
remove any doubt."
 
> I don't think she would ever use the light-hearted word "hacker" for
> such a serious activity. She would have a much stronger word.
> Perhaps all of us in business should use equally strong and clear
> language, and place the responsibility or blame where it belongs.

For a stronger word, why not use the right one? Cracker.

http://tuxedo.org/~esr/jargon/html/entry/cracker.html

Note the difference for future reference.

http://tuxedo.org/~esr/jargon/html/entry/hacker.html



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.