- Date published:
- Author:Brian Wood
In the movies we like underdogs and rebels and outlaws and anyone bucking “the system”.
The crimes are not personal; they are often against “the regime”, a faceless but oppressive big brother-ish entity that demands obedience if not fanatical support.
But what happens when the victim is you? Or your sibling or colleague? Or your dentist or yoga instructor?
Opinion piece by Diane McWhorter in The New York Times.
Emphasis in red added by me.
Brian Wood, VP Marketing
Stop Glorifying Hackers
I was at the Museum of Modern Art in New York not long ago, soaking in Edward Hopper’s retro downer mystique, when I got a call that opened up brave new all-night-diners of doom and gloom.
The editor of thesmokinggun.com, a website that publishes embarrassing documents with headlines like “Man Jailed for Toilet Seat Attack on Disabled Kin,” had come into some documents of mine, including my Social Security number with birth date, a photograph of me assailing a moth infestation in an elderly friend’s kitchen and nearly all my passwords.
The conduit of the purloined goods was Guccifer, a hacker made famous last year for liberating George W. Bush’s post-presidential self-portraits from his sister’s email. Colin Powell’s Facebook page was also defaced, but plenty of people with no state secrets got caught in his net (apparently he got to me while hacking the email of my friend Sidney Blumenthal, the Clinton family consigliere).
Yet in January, when Romanian authorities arrested Marcel Lazar Lehel, the 40-something citizen thought to be Guccifer, the world did not seem to share my relief. Instead of being called out as the Grim Reaper of privacy, Mr. Lehel got mostly attaboys. Guccifer is “to hacking what the Beatles are to rock and roll,” wrote New York magazine. A commenter on Gawker suggested a legal defense fund.
Given that private citizens as well as celebrities (Candace Bushnell, Tina Brown) have been undressed by him, where is the alarm that anyone’s online dossier could be called for no particular reason — unless you have total control over not just your own cyber-presence, but that of your lawyer, your financial adviser, your therapist, your children’s teachers, your spouse, paramour, bookie and bail bondsman?
Partly, of course, the seeming indifference is resignation — the fragility of our privacy is well established. But it also stems from pride, reflecting the extent to which our “devices” have become stand-ins for our egos. Consider the assumption in early media accounts that Guccifer was fooling only with “geezer” servers like EarthLink, Yahoo and AOL. If you were so gauche as to use what one New York magazine writer called “a second-tier e-mail account,” then you basically had it coming.
This is wishful thinking. Although my (inactive) EarthLink account was hacked, so was my primary address, Gmail.
More troubling, “the system” seemed to have worked. Within 24 hours I had received anodyne alerts from Google and EarthLink and — not suspecting anything criminal — reset both my passwords. I would not learn for nine months that within my short, oblivious interval of defenselessness Guccifer had managed to capture a passwords list I had Gmailed to myself at the office.
But unlike the unfortunate insurance executive whose divorce records Guccifer released, at least I had conducted my own correspondence with the matrimonial bar on an old EarthLink server, before we parked our business on Gmail’s platform indefinitely.
That said, I hold less antipathy for Guccifer than for the gatekeepers who give us a false impression that our digital homes are protected and encourage us to cram in ever more precious assets. But when the locks are picked with abandon, there is no accountability.
EarthLink initially made a very pleasant security expert available to me. But once I began bearing down on the company’s duty to issue stronger hacking warnings or conduct follow-ups to possible intrusions, the corporate veil of boilerplate descended. Google simply directed me to a link suggesting that password theft was the fault of consumers being gulled out of their account information by phishing spammers. And even in the wake of its recent mass hacking, Yahoo likewise continues to push that argument of user fallibility.
The advice I got from the nice EarthLink engineer, Rich Gardner, was instructive: Keep your personal data on a thumb drive, in a safe. That new normal explains why I wouldn’t have dreamed of writing about Guccifer until after his arrest was announced. Believe me, Mr. Guccifer — and all your friends — far be it from me to provoke you into really strutting your stuff! But even still I hesitated, given the risk, as Mr. Gardner put it, of “painting a target” on my back. The realization that I was falling into totalitarian thinking convinced me I had no choice. For in the vacuum of fearful silence, crimes like Guccifer’s begin to resemble principled dissent.
The cult of the hacker is the tech-age update of America’s long romance with the outlaw; hence an emerging narrative that casts Guccifer as sort of a Sundance Kid to Edward Snowden’s Butch Cassidy — or, per New York magazine, the hacker’s “Graydon Carter, the host of a fabulous, scandalous party,” to Mr. Snowden’s “geek crusader.”
Being mugged by Guccifer recalled the sense of revelation I had on a visit to Tombstone, Ariz.: that a setting enshrined on grainy black-and-white film was in reality stained with the blood of actual men. The shootout at Tombstone’s O.K. Corral was a mythic episode in a struggle now gone global, of rogues (those aggrieved ranchers) raging against the state-backed elite, represented by Wyatt Earp.
The United States surely marshaled its finest in pursuit of a bandit who pulled off security breaches against two former presidents, former and sitting secretaries of state, a senator and a variety of intelligence officials. Yet for a year the world’s most exhaustive electronic surveillance dragnet came up short against a cyber-insurgent so brazen that he was allegedly hacking the head of his own country’s domestic intelligence — while serving a suspended three-year sentence for hacking.
For us civilians, with no choice but to wander into the digital crossfire, it becomes increasingly hard to know who, if anyone, wears the white hat.