enter the fray: our reader discussion forum
Sign in
  
Advanced
Re: Irresponsible
by garkon38
08/18/2008, 8:12 AM
Reply

John,

appreciate the note and thoughts. Know next to nothing about computing and software but have many principled friends in the field who take more or less your position.

Think on some level, we're almost having different conversations, which makes this tough. You rightly point out availability of software, ease of implementation, and the risks of "security by obscurity" to say effectively, let's let it all in/little can be truly irresponsible in such a world. I don't disagree with any of these -- in principle -- but focus on a weighing of motives and benefits. If the piece is likely to do more good than harm, then I do recognize the value of exposing security flaws. Note this is not a carte blanche -- if industry can effectively have this conversation internally, and respond to flaws, the need/desirability of public exposure is limited.


That said, I'll sharpen my point to maybe bring us closer to the same set of issues. Under the balancing test described above, my view is that this author clearly fails. If he wanted to make the point that one should not view the cyber-attacks on Georgian websites as necessarily Russia government-driven, the point is easy to make. You practically wrote the piece for him by pointing out that malicious hackers in small groups can likely do as much if not more than more stodgy government hacks to launch effective denial of service attacks. I note that you did so without links, without instructions, and without a sense of glee at how easy this is. A more mature tone over-all, which probably would do little to get your column read, but which would address the issue dead on.

That's not what the author did. He took the Springer route (as in "Jerry") -- he covered himself in the mantle of justice in order to do a little damage of his own (he claims) and then provided the instructions for third parties. He took the risk for little to no benefit to anyone but himself (and maybe Slate). In my view, it's not informative, it's not helpful, it's not enlightening. It's a cheap stunt, pure and simple, and that's what makes it irresponsible.

BTW, none of this touches on the merits of the author's arguments -- that it is as likely that zealous flag-waving Russian hackers attacked Georgian websites as the conflict began in a fit of nationalistic exuberance. While it may be true that hackers could do this, to believe that they actually did, strikes me as a bit goofy. Don't know what the hacker sub-culture is like in Russia, but nationalistic enterprises and going out of their way to help government operations strikes me as startlingly civic-minded for this group.

That's my gentle way of saying that this author is full of it regardless of which way you look at it. Still, thanks for the response.

View complete thread