Cenzic 232 Patent
Paid Advertising
web application security lab

The Movie Hackers isn’t So Unrealistic Afterall

Hackers the movie - the PlagueI got this link today from Reuters discussing how a 64 year old hacker decided to write a logic bomb to crash his ex company’s stock. Wow, has this guy been watching hackers too much or what? Next people are going to start skateboarding in the office wearing capes! I was really surprised to read this, because a) deleting files never crashes stock, or every virus on the planet would have a high potential of destroying corporate valuations and b) he didn’t attempt to do it publically (and public perception is the only thing that drives stock price).

But this is interesting because it’s a common mis perception amongst people that hackers could completely wipe anything out that they put their minds to. In some cases that’s true, but clearly not in all cases. I think people have sort of focused on the hocus pocus aspect of computer security. I think of it a lot like a magic show. It’s amazing and wonderful until you actually see how it works. Then it’s boring and people are only amazed by the ingenuity of the trick, not by the trick itself. That’s one of the reasons I don’t share a lot of what I know with non-security folks. They are less impressed and it doesn’t actually make them hackers in the process. At best it makes them slightly savvy non-tech types. At worst it makes them feel like they can hack things and then they get caught doing stupid stuff.

Anyway, although this wasn’t web app related, I thought it was interesting enough to share for anyone who missed this in the news.

One Response to “The Movie Hackers isn’t So Unrealistic Afterall”

  1. Mike Andrew Says:

    I love that magic-show analogy - I think it’s spot on. Getting sensitive info out of a database really gets clients excited until you show them how it’s done (and like a magic trick, once the method is revealed it’s boring and easily solved/stopped).

    I think I’m going to share this (with attribution of course) as it’s one of the best descriptions of hacking I’ve seen in a while. As usual RSnake, great work :)