Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Inventor of Proxy Firewall Blames Hackers

CmdrTaco posted more than 9 years ago | from the get-your-rage-out dept.

Security 742

An anonymous reader writes "SecurityFocus published an interview with Marcus Ranum, the inventor of the proxy firewall. It's an interesting reading, and the end is even better: Truly, the only people who deserve a complete helping of blame are the hackers. Let's not forget that they're the ones doing this to us. They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy."

Sorry! There are no comments related to the filter you selected.

its the hackers alright! (3, Funny)

Prophetic_Truth (822032) | more than 9 years ago | (#12880373)

with their hair and thier clothes, and thier music! I can't stand 'em!

Re:its the hackers alright! (3, Interesting)

BlogPope (886961) | more than 9 years ago | (#12880474)

Problem is, just like the phreakers, while the hackers showed the way, organized crime (and yeah, I think I'll lump CoolWebSearch in that group) has pushed them out. The number of attacks related to real hackers is minimal these days, though there's enough idiots writing the tools thats the equivalent to giving uzis to schoolkids.

Suddenly we're all little piggiesliving in the big bad wolf's neighborhood and we're living in software houses built of twigs.

Re:its the hackers alright! (5, Insightful)

pixelpusher220 (529617) | more than 9 years ago | (#12880569)

Actually I'd say the Hackers probably did us a favor in the long run. How bad would it be if everything were nice and rosy and then organized crime started playing hard ball?

At least we've had time to learn and understand and actually build tools to help in the defense of our systems. Now if companies ignored the petty hacker attacks that's their own fault, but at least it started with relatively innocuous stuff rather than more heavy duty attacks...


Re:its the hackers alright! (0)

Anonymous Coward | more than 9 years ago | (#12880479)

They're so self-absorbed and egotistical; like those hip musicians with their complicated shoes.

fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12880375)

nt

Re:fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12880519)

FP's are just as annoying as hackers.

Here we go (1, Interesting)

Anonymous Coward | more than 9 years ago | (#12880381)

Here comes 100+ comments attempting to rationalize the need for hackers.

Re:Here we go (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12880390)

and another 100 comments pointing out the (nowadays non-existent) difference between hackers and crackers

Re:Here we go (2, Insightful)

Xcott Craver (615642) | more than 9 years ago | (#12880579)

Well, I guess they did prepare us for more serious infrastructure threats, e.g. information warfare, organized crime etc.

I'd rather have an army of citizen-lamers spend decades breaking into our computers for fun, prompting us to build up an immune system.

Xcott

Someone should patent blame deflection (5, Insightful)

_am99_ (445916) | more than 9 years ago | (#12880382)

Truly, the only people who deserve a complete helping of blame are the
hackers. Let's not forget that they're the ones doing this to
us. They're the ones who are annoying an entire planet. They're the
ones who are costing us billions of dollars a year to secure our
systems against them. They're the ones who place their desire for fun
ahead of everyone on earth's desire for peace and the right to
privacy."


Ok, but swap a hacker's desire for fun with a software companies
desire to make money without properly taking responsiblity for
securing their product and one could also write:

Truly, the only people who deserve a complete helping of blame are the
software companies. Let's not forget that they're the ones
doing this to us. They're the ones who are annoying an entire
planet. They're the ones who are costing us billions of dollars a year
to secure our systems against them. They're the ones who place their
desire for profit ahead of everyone on earth's desire for peace
and the right to privacy."


It is like a credit card company saying that if someone breaks into
their systems and steals my credit card number, that is my
responsibility - or maybe it is the hackers fault. Well sure, it is
my fault for using a stupid bank, and the hackers fault for committing
the crime - BUT SURELY the bank has to take some fault for making this
whole possible - right?

Re:Someone should patent blame deflection (2, Insightful)

nomadic (141991) | more than 9 years ago | (#12880442)

Ok, but swap a hacker's desire for fun with a software companies desire to make money without properly taking responsiblity for securing their product

A lot of hackers have "fun" causing other people pain. It's weird, I've never quite understood how that actually works, but I've met plenty of people who just experience joy at doing damage.

Well sure, it is my fault for using a stupid bank, and the hackers fault for committing the crime - BUT SURELY the bank has to take some fault for making this whole possible - right?

Yep, but not as much as people here seem to want to put on them. It's a lot easier to destroy than create;even the best systems will have some security flaws, no matter how good the creator is.

Re:Someone should patent blame deflection (2, Interesting)

Dancin_Santa (265275) | more than 9 years ago | (#12880559)

Closer to home (inasmuch as /. is "home"), I really hate people who come onto this site or any site, for that matter, for the express purpose of disrupting discussion. We call them trolls, but in the same way we try to differentiate between "hackers" and "crackers", maybe it would be good to try to differentiate between "trolls" and these despicable "troll jihadists".

A logged in user may occasionally troll (who knows what kind of warped mind finds this "fun"?), but someone who logs in to drop bombs in a discussion with the express aim of causing confusion and conflagration is a "discussion terrorist".

Such terrorism can only be combatted, but never squelched.

Re:Someone should patent blame deflection (1, Insightful)

Anonymous Coward | more than 9 years ago | (#12880453)

If I take a jack and break your door frame to get into your house and steal stuff is that your builders fault? No it's mine.

Re:Someone should patent blame deflection (4, Insightful)

jedidiah (1196) | more than 9 years ago | (#12880511)

No, it's the builders fault if the construction of the door was faulty to begin with. If a burglar can walk up to your front door, pound on the hinge side slightly and cause the entire door to fall in THEN THE BUILDER IS INFACT RESPONSIBLE.

Cities have legions of building inspectors for just this purpose who's job it is to actually ensure that the tradesmen actually built their part of the house up to the standards set in the local building codes.

They actually have standards in the construction industry.

Re:Someone should patent blame deflection (0)

Anonymous Coward | more than 9 years ago | (#12880531)

So, how strong is the glass in those windows on your house which are built to code? And I don't care about your alarm system -- a smash-and-grab suits me just fine.

Re:Someone should patent blame deflection (0)

Anonymous Coward | more than 9 years ago | (#12880560)

There is hardly a residential door frame that can stand up to the power that a jack with a 4 foot bar can exert. All built to code, all breakable.

Re:Someone should patent blame deflection (4, Insightful)

Skye16 (685048) | more than 9 years ago | (#12880602)

If I push open your front door because the builder didn't even bother to put a door knob on it, much less a lock, then is the fault mine? Absolutely. Does the builder have responsibility in this too? Absolutely again.

In a way, hackers are kind of pointing out that the emperor has no clothes.

With that said, I, personally, find nothing wrong with a hacker trying to figure out an application / OS's vulnerabilities and sharing them with the developers. And if they do nothing about it, share it with the rest of the world to force them to. People deserve doors to have doorknobs and doors that have locks. People also deserve software that doesn't leave their anal cavity wide open for nefarious probing.

However, the hackers who run amok trying to fuck things up as much as possible for the sake of fucking it up (more script kiddies than hackers, but to the average person, they're the same); they still need to be blamed. They're still the primary culprits. But software companies can be extremely negligent at times, and thus, they bear some responsibility too. Responsibility isn't finite; just because we have two parties doesn't mean the major culprit receives any less of the blame.

And I'm rambling, again. I'm sorry.

Re:Someone should patent blame deflection (5, Insightful)

erroneus (253617) | more than 9 years ago | (#12880471)

At first I was going to mod this +interesting or something like that but I think I'd rather just add to it.

We're born into this imperfect world and should expect nothing less than we've already been born into. The lock was invented before anyone presently reading this was born. This is a clear indication of the state of things and in my opinion, the nature of humans... or animals for that matter. (Raccoons, monkeys and other creatures are famous for stealing things too!)

The individuals responsible are individually responsible for their own actions and should be held accountable. But the reality that should be mentioned and understood is that we're in a world where people do shit to each other.

In that climate, we look to software makers to make reliable products. We want them to be able to withstand the efforts of the rest of the world doing what it is that's natural for them to do. It is not an impossible task. It has been shown through the virtue of patches that it can be done and since it can be patched it could also have been done right the first time had they only taken the time and effort to write it correctly to begin with.

Re:Someone should patent blame deflection (2, Insightful)

cavemanf16 (303184) | more than 9 years ago | (#12880570)

In that climate, we look to software makers to make reliable products. We want them to be able to withstand the efforts of the rest of the world doing what it is that's natural for them to do. It is not an impossible task. It has been shown through the virtue of patches that it can be done and since it can be patched it could also have been done right the first time had they only taken the time and effort to write it correctly to begin with.

Your original argument completely invalidates this insertion that it's "not an impossible task." Yes it is! Software developers are human too!!!

Re:Someone should patent blame deflection (1)

cavemanf16 (303184) | more than 9 years ago | (#12880593)

Sorry, I meant "assertion", not "insertion". LOL! (Hint: I'm human TOO!!)

Blame Canada (3, Funny)

Anonymous Coward | more than 9 years ago | (#12880383)

Blame Canada

Re:Blame Canada (3, Funny)

hullabalucination (886901) | more than 9 years ago | (#12880510)

I hold the Northwest Territories personally responsible for this terrible situation. Also, I believe that we ought to disconnect many third-world countries from the Internet. Places like Zimbabwe, Cambodia, Mauritania and New Jersey don't need to have Internet access.

Re:Blame Canada (1)

montreal!hahahaha (880095) | more than 9 years ago | (#12880594)

Montreal?
muahahahahaha

let's not forget (4, Funny)

g0bshiTe (596213) | more than 9 years ago | (#12880387)

bieng the inventor of said firewall they have most asuredly paid your bills for sometime.

They haven't (1, Insightful)

Anonymous Coward | more than 9 years ago | (#12880497)

One of the reasons Ranum is such a bitter guy is that he never made any money out of his products. He was always working for someone else and never got a piece of the action. When he finally had his own company (NRF) the product we ill defined, then attempted to redefine itself as an IDS, but was never able to keep up with the performance of modern networks.

I agree... (3, Interesting)

cheezemonkhai (638797) | more than 9 years ago | (#12880388)

How dare a large american mega-corperation that wants to keep our private data on their systems and make money off selling it have to spend any money protecting it.

Yes hackers are a pain in the arse, so are spam merchants. Thats life, live with it.

In other news the inventor of the Yale lock blames thieves for the invention of the lock, which irritates us daily.

Re:I agree... (1)

i.r.id10t (595143) | more than 9 years ago | (#12880409)

Actually, wasn't the first Yale lock fairly unpickable for quite some time? IIRC something about it being on display with a reward for successful picking...OK just googled, it wasn't a Yale but rather Mr. Chubb's...

Re:I agree... (5, Insightful)

Southpaw018 (793465) | more than 9 years ago | (#12880546)

If I'm reading that right, you have it backwards - like a lot of people, I think. If, let's say, someone left their front door open and you saw some nice lookin shiny thing while walking down the street, and you went in and took it, then got caught...what would the police say? "Oh, it's not your fault. After all, they left their door open."

No, while they were idiots for leaving the door open, you were the only one who broke the law.

The same thing applies here. Because someone or something leaves doors open doesn't mean you can or should enter them. No one has to live with spam merchants - that's why we're taking measures to combat spam on many levels (from the national do not call registry to spam filters on the email system at the office). No one has to live with hackers, either. That's life, but not how you put it; this time, I applied your logic to both sides.

Can you live with that?

and interestingly enough... (4, Insightful)

Mz6 (741941) | more than 9 years ago | (#12880394)

they're also the ones that keep you and I employed.

"They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them."

Re:and interestingly enough... (5, Insightful)

Anonymous Coward | more than 9 years ago | (#12880414)

But if they weren't keeping you and I employed we could both be employed doing more productive things.

It's like saying the vandal who goes around smashing windows is a good guy because he keeps the window repairman employed.

Old and crusty falacy...

Re:and interestingly enough... (1, Insightful)

Anonymous Coward | more than 9 years ago | (#12880457)

But if they weren't keeping you and I employed we could both be employed doing more productive things.
Like what? Playing San Andreas for six hours a day?

90% of the people on this planet are employed to clean up problems created by other people. Geeks are no different. It's not a bad thing, it's life.

Re:and interestingly enough... (4, Insightful)

WhatAmIDoingHere (742870) | more than 9 years ago | (#12880472)

No, it's not quite like that. It would be more like: If the window repairman developed newer windows that were harder to break. If the vandal never broke the original windows, they would still be as easy to break as they originally were. But now, thanks to the Vandal, they're improved and rock-resistant.

The "window" tech. isn't standing still as the Vandal runs around breaking them.

Re:and interestingly enough... (0)

Anonymous Coward | more than 9 years ago | (#12880534)

Do you have their email address? I'd like to ask for a raise.

Inevitable? (1)

RandomLetters (892800) | more than 9 years ago | (#12880396)

I think security measures are always going to be necessary because we will never live in a world where everyone is happy and content not to steal something from someone else.

Call me pessimistic.

Re:Inevitable? (0)

hcob$ (766699) | more than 9 years ago | (#12880435)

We'll live in a world where no one is envious of anyone elses goods when the planet gets demolished to make way for a hyperspace expressway. No no, it's been on the books for 50 years. If you won't take an intrest in local matters, that's your own fault.

First against the wall (0)

lordperditor (648289) | more than 9 years ago | (#12880397)

They should be the first against the wall when the revolution comes.

Re:First against the wall (1)

cbv (221379) | more than 9 years ago | (#12880598)

They should be the first against the wall when the revolution comes.

Who exactly are you refering to?

No way Linux is desktop ready (-1, Troll)

Anonymous Coward | more than 9 years ago | (#12880398)

Has at least five more years to go before it's somewhat usable (7 for KDE).

Only those dastardly hackers (0)

DragonMageWTF (887275) | more than 9 years ago | (#12880400)

They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy.

Yes, because only hackers are the ones that can't be trusted. I guess that is why all the prisons are full of hackers not murderers, rapists, etc...

Re:Only those dastardly hackers (1)

mopslik (688435) | more than 9 years ago | (#12880446)

I guess that is why all the prisons are full of hackers not murderers, rapists, etc.

-1: Unrelated. Murderers and rapists aren't the ones comprimising computer networks.

Perhaps you missed the "costing us billions of dollars a year to secure our systems" bit you quoted?

Re:Only those dastardly hackers (1)

jedidiah (1196) | more than 9 years ago | (#12880581)

He probably didn't think it was entirely accurate.

We spend billions of dollars per year to FIX OUR SYSTEMS because they are built with faults that the builder should have known better than to engineer in. His rant would be more meaningful if the negligence of certain companies weren't dramatically aggravating the problem.

The fact that he's a guru doesn't alter the fact that he's full of shit.

Corps have to clean up after certain operating systems infected with certain classes of malware because of pisspoor engineering.

The script kiddies are secondary. Like obnoxious drivers are secondardy to the problem of SUV's that have blowouts or rollover.

Engineered systems are expected to be able to take a certain level of abuse.

He is 100% right (3, Insightful)

Dancin_Santa (265275) | more than 9 years ago | (#12880401)

He is also 100% wrong. No one wants to live in a world where we have to lock our doors. Everyone wants to live freely without worry of being taken advantage of. It is absolutely the fault of the "evildoers" that we must put locks on our windows and worry about the footsteps following us down the dark, reeking alleyway.

But it is also our own responsibility to be sure that we can prevent people from taking advantage of us. This means that we must have those locks and firewalls. To neglect this is to essentially invite attack and intrusion. And if it isn't at the hands of one group, it will be at the hands of another.

We don't live in a perfect world, so it's important that we have adequate locks.

Re:He is 100% right (4, Insightful)

clontzman (325677) | more than 9 years ago | (#12880505)

I don't think he's arguing that. He's just saying that the people who are making this trouble are the problem, not the people who are making the software that tries to protect people.

Just because you park your car in a mall and only protect it with a piece of glass that's easily broken and an alarm that everyone will ignore doesn't make it your fault if someone breaks in and steals your car. It seems like a lot of folks, though, would blame GM for not making steel shields for your windows.

The virus/worm writers are the problem; how can anyone possibly defend them?

Re:He is 100% right (1)

Malicious (567158) | more than 9 years ago | (#12880507)

You know... In Canada, most people don't lock their doors. Most people don't live every day in fear of being taken advantage of because they're too busy being considerate of others, and we don't follow people down a dark alley unless they look like they need help.
The Internet however is and will remain "International Waters" where a lifestyle change is required to survive. If only everyone just tried to be a little nicer...

Re:He is 100% right (1)

Illserve (56215) | more than 9 years ago | (#12880525)

That doesn't mean it's not someone's fault!

I've heard of apologists before but this is bordering on ridiculous.

Here's an analogous idea: the world is going to be full of tyrannical despots, we have to be on our guard against them. So it's not right to blame them, someone was going to murder all those Kurds if Saddam didn't do it. In fact these people are doing us a favor by keeping us on our toes! (and sometimes chopping them off)

Re:He is 100% right (1)

paulbd (118132) | more than 9 years ago | (#12880556)

You don't need to live in a perfect world to do without locks. You do need to live in a community with a strong sense of cohesion and a definite perimeter (not the same as a fence). it also helps to lead lifestyles that do not involve owning property that you leave unattended for the majority of the day.

locks allow you to avoid all these burdens: you can have an anonymous, uncohesive community in which you are free to leave your stuff unattended. the question is: does the value you gain from this ability offset what the value you lose (or would gain) from a social context where locks were not necessary?

Re:He is 100% right (5, Insightful)

Daniel_Staal (609844) | more than 9 years ago | (#12880580)

He agrees with you. That quote was the last paragraph of the last answer in the interview. Here's the full question/answer:

If we consider the Internet as a big local network, we will see that some of our neighbours keep getting exploited by spyware, virus, and so on. Who should we blame? OS producers? Or our neighbours that chose that particular software and then run it without an appropriate secure setup?

There's enough blame for everyone.

Blame the users who don't secure their systems and applications.

Blame the vendors who write and distribute insecure shovel-ware.

Blame the sleazebags who make their living infecting innocent people with spyware, or sending spam.

Blame Microsoft for producing an operating system that is bloated and has an ineffective permissions model and poor default configurations.

Blame the IT managers who overrule their security practitioners' advice and put their systems at risk in the interest of convenience. Etc.

Truly, the only people who deserve a complete helping of blame are the hackers. Let's not forget that they're the ones doing this to us. They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and [the] right to privacy.

His point: there is pleny of blame to go around, if you want to spread the blame. The hackers who break in are the reason the rest of the blame matters, but the rest is still there.

Just in case someone thought you disagreed with him. And because now everyone has read the full context of the quote we are discussing, which will be a rarity on /.

I blame the movie also (1)

msbmsb (871828) | more than 9 years ago | (#12880402)

Yak Yak Yak - started [imdb.com] it all. Find me some Gibsons!

Guns don't kill people (0, Redundant)

glomph (2644) | more than 9 years ago | (#12880403)

This argument is stupid. I can spread kerosene puddles all over the house, but be blameless, while the idiot who comes in with a lit cigarette is at fault. He's got it all wrong. I say:

BLAME CANADA!

Re:Guns don't kill people (1)

mopslik (688435) | more than 9 years ago | (#12880485)

I can spread kerosene puddles all over the house, but be blameless, while the idiot who comes in with a lit cigarette is at fault.

Would you rather have it so that you were liable as well? If someone broke into your house and stabbed your family with your kitchen knives, would your family be liable for owning them and keeping them out in a block on the counter?

Blame Canada? (1)

AtlanticGiraffe (749719) | more than 9 years ago | (#12880587)

Canada is innocent. I blame it on the Boogie(TM).

substitution (-1)

Anonymous Coward | more than 9 years ago | (#12880410)

s/hackers/crackers

So it's hackers' fault.... (1)

sagenumen (62467) | more than 9 years ago | (#12880417)

Let's forget the fact that hackers exist for a moment...

These companies would have millions of customers' data out in the open if they could? Personally, I'm glad there are people out there testing these systems to the extent that they are.

I live in a gated community in a town where crime is essentially zero, but we still lock our doors when we're not at home or when we're sleeping.

Re:So it's hackers' fault.... (0)

Anonymous Coward | more than 9 years ago | (#12880562)

Wow, you must be really shitting your self, all the time. Do you get panic attacks in public places? Or do you just avoid them entirely now?

Re:So it's hackers' fault.... (0)

Anonymous Coward | more than 9 years ago | (#12880590)

But why would you rather this? If there were no hackers, and we're presuming their the only ones capable of finding such vulnerabilities, what difference does it make? Yeah, the vulnerability would still be there, but no own would know about it or how to take advantage of it.

Good God... (5, Insightful)

aendeuryu (844048) | more than 9 years ago | (#12880418)

Rome builds shitty wall, Emperor blames failure on existence of barbarian hordes.

It'd sound fucking ludicrous to read that in a history book, it's no less ludicrous to read that in a modern context.

Dude, grow a pair.

Re:Good God... (2, Insightful)

Foolomon (855512) | more than 9 years ago | (#12880555)

You are correct, but he is as well. It's the malicious intents of others that cause the headache in the first place. Granted, you could choose to ignore the headache, take some placebo (i.e. use a crappy OS with little protection) or take something effective (Oxycontin LOLOLOLOL), but the fact still remains that the headache is the cause of the problem. Just because you are ineffectively dealing with it doesn't mean the headache doesn't exist.

Right.. (0, Insightful)

Anonymous Coward | more than 9 years ago | (#12880420)

I can not say I agree with the "hackers" (or rather, blackhats), but this is just ignorant.
Let's say there weren't a lot of crackers. Nobody would even bother about the slightest bit of security. Then one guy would learn enough, and since the lack of security he would be able to root the entire planet. One real blackhat, and we'd all be doomed.

We should thank the hackers.

And if software companies would pay a little more attention to security, the internet would be way more secure. So it's THEM to blame.

Really (1)

$nickname_212 (805232) | more than 9 years ago | (#12880425)

They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy.
I think the real threat is because there are hackers that do it for money. Geez, haven't you been seing the news lately. This excuse is so passe.

"Desire for fun"? Oh please.. (5, Informative)

Entrope (68843) | more than 9 years ago | (#12880436)

Perhaps five or ten years ago it would have been plausible to say that computer criminals were largely breaking into others' machines for fun -- but even then, as Clifford Stoll discovered, there were exceptions. Then it turned into more of an organized enterprise. People controlling most of the infected machines on the Internet are NOT doing it out of curiosity or fun: They are doing it for power, and exploiting that for criminal enterprise.

In the past years, we have seen profit-seeking criminals discover how useful insecure systems are to them. The major disruptions now are not caused by simple thrill-seekers.

He means crackers right? (2, Informative)

dtfinch (661405) | more than 9 years ago | (#12880437)

programmer => hacker
criminal hacker => cracker
criminal non-hacker => script kiddie

Re:He means crackers right? (1)

Greatred (557856) | more than 9 years ago | (#12880477)

I wish the mass media would learn this.

Re:He means crackers right? (3, Insightful)

rikkards (98006) | more than 9 years ago | (#12880478)

According to Society:
criminal hacker == hacker therefore
criminal hacker == hacker

Re:He means crackers right? (1)

Metasquares (555685) | more than 9 years ago | (#12880589)

2+2=5. We've always been at war with Eastasia.

(It's a reference to 1984, for those who haven't read it).

Didn't I just read the Onion? (4, Funny)

wubboy (96276) | more than 9 years ago | (#12880438)

"Truly, the only people who deserve a complete helping of blame are the hackers. Let's not forget that they're the ones doing this to us. They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy."

Is it just me or does this sound like a Onion story?

which came first? (1)

jspectre (102549) | more than 9 years ago | (#12880440)

the firewall or the hacker?

Re:which came first? (1)

l_bratch (865693) | more than 9 years ago | (#12880470)

The hacker, of course.

How would the firewall have been written without a hacker to write it?

Oh, and the egg came first too.

Re:which came first? (0)

Anonymous Coward | more than 9 years ago | (#12880498)

firewalls have been around since, uh. Since walls had to be fire resistant.

Nature of the beast (1)

Jedyte (640981) | more than 9 years ago | (#12880445)

How about locks? If only some people wouldn't place their desire for our property ahead of everyone's else's deisre for property and privacy. They make us run around with keys.

Maybe it's sad, but I guess it's just the nature of the beast. Whole other industries exist for these kind of phenomena, and yes, firewalls are included.

It's our own fault (1)

kungfuSiR (753429) | more than 9 years ago | (#12880449)

Hackers exploit code that is insecure. Who are the ones who make this code insecure, the good guys. So if people weren't so obsessed with releasing products before they have been reviewed for security, or giving programmers time to create more secure applications then hackers would have a harder time doing the things they do. If anything the recent rise in this type of activity has done nothing but benefit the user in the long run because it is forcing companies to develop more secure and efficient code. I mean when's the last time in the last couple of years you heard Microsoft pushing back a windows release to improve security? Although not all hackers are beneficial and sometimes their motives can be questionable, I think in the end they provide some good, and have even helped spawn completely new IT sectors

Re:It's our own fault (1)

KingNaught (718536) | more than 9 years ago | (#12880566)

I like your logic. I think I'm going to start shooting people at random on the street. That should force the clothing manuafacturars to start producing bulletproof garments. Which could only be a benifit to the clothing industry.

Gratitude? (0)

Anonymous Coward | more than 9 years ago | (#12880451)

(1) These 'hackers' pay your bills
(2) Most security holes are found by hackers ... if there weren't any people testing your systems, I think many systems today would be riddled with more undetected security holes than they currently are.

Favorite line from TFA (0)

Anonymous Coward | more than 9 years ago | (#12880452)

My favorite line in the article...

Whenever someone tells you that there's a novel, easy, solution to security, it's either because they don't understand security or they're trying to sell you something that isn't going to work.

In the end... (1)

ruisantos (316753) | more than 9 years ago | (#12880456)

hey're the ones providing you information for you vulnerability scanning software.

They're the ones giving you an oportunity to earn a nice salary at the end of the month.

There's an old Saying.... (2, Insightful)

hcob$ (766699) | more than 9 years ago | (#12880460)

"Locks only keep honest people honest." Such is the same with all security measures. Anything that is created by man can be defeated by man.

Hackers don't do the damage (1)

Illserve (56215) | more than 9 years ago | (#12880461)

They just find the holes and make the tools.

The people doing the damage are low life scum who buy Spam packages from other low life scum, and set up their own little mom and pop operations. Or script kiddies who create zombie farms from tips and tricks learned in IRC rooms.

They probably barely know how computers work, and not a lick of programming. But they can surely run a spamming or DOS script.

We should no more blame the hackers for spam and DOS attacks than we should blame Napster for music piracy, or crowbar manufacturers for house breakins.

And we don't... do we? *checks slashthink manual*

Could not be more wrong (4, Insightful)

joshv (13017) | more than 9 years ago | (#12880465)

Virus writers, crackers and their ilk are the predators and pathogens of the Internet ecosystem. They kill off the weak and make the rest stronger.

What would you prefer? An Internet full of weak hosts, with a wealth of unexploited security holes and weakly configured security systems, where your security is left up to the good will of others (everybody just play nice now)? Or one where leary vendors and service providers stand in constant vigilance over security issues, because they have to. The wolves are circling the herd.

What would happen if all the 'hackers' just went away? Everyone would get complacent. Security holes would proliferate, until the temptation just became too large and someone takes it all down in one fell swoop.

Re:Could not be more wrong (1)

Ingolfke (515826) | more than 9 years ago | (#12880577)

I'll take the logic behind the previous post and apply it to another popular security topic...
---
Jihadists, whacko environmentalists, right-wing extremists and their ilk are the predators and pathogens of the modern global ecosystem. They kill off the weak and make the rest stronger.

What would you prefer? A world full of weak hosts, with a wealth of unexploited security holes and weakly organized government systems, where your security is left up to the good will of others (everybody just play nice now)? Or one where leary politicos and government agencies stand in constant vigilance over security issues, because they have to. The wolves are circling the herd.

What would happen if all the 'terrorists' just went away? Everyone would get complacent. Security holes would proliferate, until the temptation just became too large and someone takes it all down in one fell swoop.
----
Summary: "What doesn't kill us makes us strong" is good enough justification for anything.

boo-hoo-hoo (2, Insightful)

lennart78 (515598) | more than 9 years ago | (#12880466)

I don't know where to begin on this one.
If there weren't any burglars around, I wouldn't have to lock the doors of my house.
If everyone would abide traffic rules, the need for airbags etc. would vanish.

This guy is not only complete missing any connection with the outside world, he also forgets that there are thousands of people working in the (IT) security industry, making a living. It may sound silly, but we keep our economy going this way. This is why there are so many economists/therapists/lawyers/communication advisors/etc. around.

I feel like feeding the troll here. Time to knock it off...

Lord of the Walls (2, Funny)

Alarash (746254) | more than 9 years ago | (#12880469)

We only wants our precious proxyses! Trixie, nasty hackeeses! We wont let them behind our precious!

*gollum, gollum*

Here we go again (1)

BigBadBus (653823) | more than 9 years ago | (#12880475)

Hackers != crackers

Re:Here we go again (3, Insightful)

Axfish (595199) | more than 9 years ago | (#12880532)

I agree with you. Sadly though (in this particular instance), languages change, and word usages evolve. (Anyone remember when you could actually use the word "gay" to mean "happy"?) The hoi polloi have taken the word away from the Hacker (in the traditional sense) community, and made it into something else. We just have to move on, I guess. Given that you're already no longer allowed to correct people's spelling, grammar, syntax, be it on the Internet or even at work, might as well let semantics go down the drain with the rest of it all... /vocabulary nazi off

Security (1)

$nickname_212 (805232) | more than 9 years ago | (#12880476)

Imagine how far we would be behind the real hackers today if the hackers for fun didn't exploit the weaknesses of yesteryear. We would be stuck with our thumbs up our asses today.

Privacy!? Have you heard of the Patriot Act?

In other news (0)

Anonymous Coward | more than 9 years ago | (#12880491)

I blame the existence of theft on thieves.

IPv6 (1, Insightful)

Anonymous Coward | more than 9 years ago | (#12880492)

IPv6 should be the future. Do you see a more secure future then?

No, IPv6 isn't going to solve anything.


I liked this line the best. I'm tired of the people who prattle on about how NAT has broken the internet and how IPv6 will negate the need for NAT and solve all our security problems. That line is a bunch of crap and now we have someone of authority acknowledging that. As for the "out of addresses" excuse, don't even get me started.

"Perfect World" (2, Insightful)

myrick (893932) | more than 9 years ago | (#12880495)

As nice as it is to think that the world would be in perfect harmony without hackers, it is little more than a pipe dream. Throughout history, humanity has been plagued by the selfish nature of its constituents ('human nature' just does not jive with the 'common good'), and that is a fact I would argue is on par with Death and Taxes. We as a society have to be realistic here, and we as the geek community, the developers of software, have to take the responsibility to make high quality, secure software, because you just can't trust the public. Wasting our efforts by complaining about hackers is foolhardy.

Re:"Perfect World" (1)

myrick (893932) | more than 9 years ago | (#12880528)

My apologies for the misuse of the term 'hacker'. Please substitute 'cracker' where necessary.

You're welcome (1)

jajajija (894151) | more than 9 years ago | (#12880514)

"They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy."

And they're the ones you should be thanking. They expose your vulnerabilities and make you secure your system against those who don't just want to hack you for "their desire for fun", but are competing with your company and will use the information they get to bring you down.

What the author doesn't realise (0, Flamebait)

bogaboga (793279) | more than 9 years ago | (#12880523)

Truly, the only people who deserve a complete helping of blame are the hackers. Let's not forget that they're the ones doing this to us. They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy."

By saying the above, the author does not realise that these hackers, though nasty in some way, have a democratic right to express themselves as they please. He should also realise that "one man's meat is another man's poison". That's how democracy works. There are many industries making life out of people's misery. Think about the drug companies and the anti-virus companies. Do you think they want disease and viruses to go away?

Re:What the author doesn't realise (1)

Quill_28 (553921) | more than 9 years ago | (#12880591)

Could you let me know where you live?

I would like to "express" myself as I please.

How old are the Slashdot editors? (0)

Anonymous Coward | more than 9 years ago | (#12880530)

From their editorial stance, you would think they are a bunch of pimply-faced 13-year-olds who have never worked in the real world. I see more and more of these troll articles and less and less useful, informative of even fun articles.

as if they could secure their systems... (0)

Anonymous Coward | more than 9 years ago | (#12880536)

hackers improve software by revealing its design flaws. software giants should be thankful for not having to pay experts to search for the flaws.

Security and Concepts (1)

Exter-C (310390) | more than 9 years ago | (#12880544)

Having insecurity is a plus to the world as it raises peoples awareness of issues and in the long term security should hopefully improve. "hackers" will get better and better to keep one step in front but at the end of the day if the user is well protected then they will be at a lower risk than those that use windows 2000 or redhat 5.2 with no patches.

Are they the only ones? (0)

Anonymous Coward | more than 9 years ago | (#12880557)

They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy. ahead of everyone???? wow... where did bush go? the hunger for oil? the mujahideens?

"The Hackers" (1)

FrangoAssado (561740) | more than 9 years ago | (#12880567)


Truly, the only people who deserve a complete helping of blame are the hackers. [...]

Interesting. Does he also blame "the burglars" for "costing us billions of dollars" to secure our homes against them? For "placing their desire for fun ahead everyone on earth's desire for peace and right to privacy"?

It's very easy (and stupid) to blame problems like these in a poorly-defined class of people. It achieves nothing. It would be far more productive to analyse what exactly makes it possible, easy and acceptable for people to "hack" -- in the sense that most people doing it wouldn't consider to be thieves (I believe), but are happy to invade other people's computers.

Why do hackers get all the blame? (1)

FictionPimp (712802) | more than 9 years ago | (#12880576)

Truly, the only people who deserve a complete helping of blame are the hackers. Let's not forget that they're the ones doing this to us. They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy.

If we got rid of all the hackers, wouldn't we still need to secure our networks from governments, criminals, terrorists, rival business, etc?

I think the blame lies with them more then just hackers.

Focus on the Process (2, Insightful)

halbert (714394) | more than 9 years ago | (#12880584)

Marcus had the right idea, but then he went for the media spin about hackers. His best quote was actually :

There's enough blame for everyone.

Blame the users who don't secure their systems and applications.

Blame the vendors who write and distribute insecure shovel-ware.

Blame the sleazebags who make their living infecting innocent people with spyware, or sending spam.

Blame Microsoft for producing an operating system that is bloated and has an ineffective permissions model and poor default configurations.

Blame the IT managers who overrule their security practitioners' advice and put their systems at risk in the interest of convenience. Etc.
Sure hackers, as he and the media uses the term, are to blame, but what about the others he mentions? I bet half of the "hackers" wouldn't even have started if it wasn't so darn easy in the first place, and that is where the rest of the blame starts. I am not trying to defend "hackers", or start a holy war about whether finding flaws are in software is good or bad.

I see every day the results of poor practices, shoddy software, and just plain old stupidity when it comes to security. Fix those first, then worry about the hackers.

The hidden meaning behind the words (1)

gringer (252588) | more than 9 years ago | (#12880588)

Perhaps Marcus secretly likes hackers. Consider the hidden subtext in his statement:

Truly, the only people who deserve a complete helping of blame are the hackers. Let's not forget that they're the ones doing this to us. They're the ones who are annoying an entire planet. They're the ones who are costing us billions of dollars a year to secure our systems against them. They're the ones who place their desire for fun ahead of everyone on earth's desire for peace and the right to privacy.

Hackers = Canaries in the Coal Mine (5, Insightful)

thelizman (304517) | more than 9 years ago | (#12880599)

Obviously this guy has never heard of espionage. *Most* (not all) hackers/crackers get in, poke around, and leave. I've known a few that actually fix shit on the way out, and leave friendly notes (though I think more highly of the do no harm crowd).

The *REAL* danger are corporate spies who not only want your secrets, but also plant spyware, or destroy infrastructure to hamper a competitor. There is also the growing instances of state-sponsored computer cracking whereby poorer nations (particularly the axis-of-evil states) seek to leverage the power of attacking information infrastructures instead of the physical infrastructure. Remember, the US didn't take down the Soviet Union by dropping bombs and shooting bullets. We bankrupted their ass in a nice game of 'keeping up with the neighbors'.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?