Humble Bundle on Cybersecurity and Crypto

Heads-up on a great Humble Bundle on crypto, security, hacking, and all sorts of related topics. As a pay-what-you-like deal it’s amazing given what these books are worth. I’m really keen to read Threat Modeling: Designing for Security and Cryptography Engineering: Design Principles and Practical Applications; that is my bedside reading set for months to come. Offer ends around the end of July, and found via Bruce Schneier’s blog.

Is the real fallout from the Sony attacks yet to come?

A cancelled film, a company’s worth of hacked and destroyed computers, stolen personal data, stolen company records, and fear mongering is the first phase of the attacks on Sony. Whoever coordinated this series of attacks has played a very good game so far, and continues to use FUD (fear, uncertainty, and doubt) to channel almost everyone’s thinking. In the face of real violence most people will prefer to play it safe.

I know that I’m certainly not going to do anything to endanger my family, which is where this first phase of the story ends. I’m a little fearful, and I’m watching the news and paying attention. I’m apprehensive about writing a blog post. Good game. You’ve won phase one.

Are changes needed? Perhaps the extreme withdrawal and kowtowing by Sony is a move by the mega-corp against another of Sony’s dark foes – internet piracy.

The next phase worries me far more because it won’t be about this attack, it will be about the changes that our governments and companies try to introduce to protect us. I’ll be very surprised if governments and corporations don’t wish to further change laws based upon the fallout from these events. Perhaps on the first thought they might be right; some changes are probably needed – Sony was hacked wide open and they have a huge amount of things to fix and recover from. The financial and reputation cost is non-trivial. Geek-types such as myself might have a love-hate relationship with them due to various opinionated views on consoles and games, but the general public think of them as a big movie studio. And that studio just got slapped very hard.

I think what we are about to experience in a wider context is these events used as a further strengthening of the arguments for a regulated internet. In my own view the severity of the attacks was escalated when the hackers threatened to do something to the people who went to see The Interview, and then Sony gave permission to withdraw the movie from cinemas. I think this changed the way the public viewed the events, from a company being attacked to limit their profits, to a threat to joe-average-punter.

It is a conflict targeting the balance between our fears and our freedoms. And when the laws are changed to protect against the phase one events it could be to the detriment of our wider freedoms. It is a delicate balance with no perfect solution, but many bad ones.

A superficial rationale is: hackers and their nefarious tools did all this, then (insert country, company, mother’s name) needs to be protected.

I was never going to see The Interview so selfishly I wasn’t fussed that a studio yanked its release, or that Sony got hacked in the first place as I wasn’t affected. I am going to be on the internet over the next 40 years, so I am concerned about how much leverage this type of event gives governments to make sweeping changes. Australia (my home) has made changes in law to the powers of police in reaction to both terrorist threats and cyber-threats, and certainly already has some very powerful and uncompromising anti-hacker and anti-terrorism laws.

Yes, I’m possibly wrong too.

Perhaps Sony won’t apply its huge financial loss and damaged reputation as a stick to beat the American government with. Perhaps they won’t use FUD to push an anti-hacking (bit torrent, dark-net, etc) agenda any more than they already have. And it’s unlikely that America will be able to directly change Australian internet freedoms soon, … except that most laws passed in the US also impact big sections of the internet, and Australia is well known to mimic and support American interests.

(aside – don’t misunderstand that point please – on principle countries working with a unified policy is interesting and can be valuable).

Read the backlog of anti-piracy material from film studios, and the fear around one govt attacking corporations in another.

And then please read widely on the freedom vs security as it relates to both the internet and your rights as a civilian.

And make up your own mind. I’m uncertain, but the FUD is working on me today. The Sony Hack story is far from over.

