Politicians and Media Don’t Really Understand How Hacking Works
Hackers are everywhere. Hackers are omnipotent. Hackers are terrorists.
Or so we've been told since the 2016 election, when the Democratic National Committee got hacked.
Last year, former DNC chair Donna Brazile released a book about the email leak. The title was "Hacks." She wrote:
While you’re laughing, the hackers are dropping malware into your system. They can also use voice mail if the phone system is integrated with the computer network. In the case of Cozy Bear, a voice purporting to be a female journalist left messages on DNC staffers’ phones asking for information on a story. While the listener was playing the message, she was unknowingly accepting malware.
In the media, hackers are portrayed as dark wizards with occult powers. This is what the world believes, and the world is wrong. Hackers are clever and cunning. But hacking is the new use of old tools.
As Eric Limer points out in Gizmodo, actual hacking consists of research, planning, and then getting a computer to run while you're away. There is a steep learning curve to hacking. But once mastered, the basics are surprisingly simple. Doxxing is weaponized investigation. Password cracking is trial and error; packet sniffing amounts to a boring stakeout; DDoS attack means hitting servers over and over again; SQL injection equals understanding databases. Hacking means a long apprenticeship, followed by months of formal execution. There's nothing new under that particular sun.
Don't take my word for it. Go down the list of famous hacks. Operation Get Rich or Die Tryin’, in which hackers stole 180 million debit and credit card numbers from corporate retailers, relied on injections on open WiFi networks. Max Ray Butler stole 2 million credit card numbers, mostly because he had inside information. The Epsilon and Saudi Aramco hacks were phishing attacks, which anyone who knows basic web design and the target's email address can achieve. The Citigroup hack happened because the bank was lazy about its URLs. The great Sony PlayStation hack of 2011 probably happened because the PS3 had a firmware build called Rebug that let clever users enter the developer network.
The DNC hack didn't require criminal genius. Historically, the Democratic National Committee is not hard to steal from. The Watergate Plumbers almost pulled it off, and that was a dunce-rich crew. The DNC cyber-attacks merely required high-level Democrats to click on the wrong link. Once that was done, the rest was old hat.
If hackers are old-style tricksters with terminals, why do we fear them so much? How did our culture make hackers into demons?
Simple. Hackers provide a much-needed scapegoat.
Between the motion and the act falls the shadow
In 1797, a Bedlam inmate named James Tilly Matthews became convinced that an insidious device called an "air loom" was brainwashing politicians. Cultural historian Mike Jay writes that Matthews' machine was the first recorded instance of what is now called an "influencing machine."
"For everyone who has since had messages beamed at them by the CIA, MI5, Masonic lodges or UFOs, via dental fillings, mysterious implants, TV sets or surveillance satellites, James Tilly Matthews is patient zero," Jay wrote in his book on Matthews, "A Visionary Madness." According to Matthews, the air loom worked by shaping "airs" into a "warp of magnetic fluid" which was directed at government ministers to alter their minds.
Most of us don't share Matthews' beliefs. Yet in a similarly delusional way, many of us believe in the insidious power of machine operators to achieve superhuman feats.
Every new technology comes into the world with a shadow trailing behind it. Technology is compressed power, and the power to aid is also the power to do harm. And here lies the problem: namely, that most of us, including powerful people like Donna Brazile and most politicians, have conflated power, technology and progress into one big ball. These hegemonic ideas about technology turn those who can hack into mythical figures.
Our society is divided on many questions, but we are in a moment in which humans as a whole are remarkably, even devoutly technocratic. Many of the reporters who should look at tech with a critical eye are blinded by the light. The now-defunct Theranos, led by 21st-century huckster Elizabeth Holmes, largely got away with their long con because of press gullibility. If a single journalist, John Carreyrou, hadn't been so persistent, Holmes and Theranos might still be in business today. That says a lot about how technology — and technologists — masquerade as being mythical in their power. Much like hackers.
Generally, our anxieties about technology, and our tendency to conflate it with power, come out in the socially acceptable realm of fiction. In our horror films and TV shows, in our Frankensteins and Matrices and “Black Mirrors,” we can absorb criticisms of tech without being seen as Amish.
And occasionally, we use politics to talk about tech. Liberals are spooked by hackers, the technology of computers. Conservatives are haunted by an older technology, the mass media. Traditionally, the right is terrified of the mob. In particular, they fear the demagogue, who will rise to power by deceiving the foolish herd. How will the demagogue do this? Through media: through television, radio and newspapers.
But because tech and progress are synonymous, it’s hard to criticize the tech itself; hence, we generally project the ills wrought by technology onto bad users. It’s like the “guns don’t kill people, people kill people” bumper sticker that the pro-gun crowd employs; that may be true, but it’s a lot harder to kill people without guns. Likewise, it’s a lot harder to hack into a server without the internet being there.
Instead of saying that cars are dangerous, that mass media is shallow, that social media is addictive, that fast food is unhealthy, and that guns are murderous, we put the guilt on the “Bad User.” When philosophers speak of consciousness inside bodies, they sometimes use the phrase “the ghost in the machine.” When I consider fresh technology, I think of the ghost outside of the machine: What monster user will we eventually blame for all the negative aspects of the new tool?
Indeed, technology is not a neutral force, but a tool. And tools are designed by specific people in specific contexts for specific reasons. Technology implies design implies agenda.
We like devices. We like consuming them. We don't like to ponder the why behind them, any more than we like to consider the supply chain when we sit down to a meal. The specter of the Bad User keeps us from thinking too hard about the technology itself.
The Evil Hacker is a useful whipping boy: He symbolizes our inability to take responsibility for our own tools. He's the Jungian Shadow. The Bad Hacker allows us to dodge the hard questions.
"How did they hack the DNC?" is the wrong query. The right question would be, "Why was a popular election so dependent on the data of a small elite? Why should the vulnerability of one group determine the fate of nations?"
The coverage of Edward Snowden focused on how Snowden got into the system: "How could one man access all this information?" Again, the wrong question. Better question: "Why does this terrible, invasive system exist in the first place? Why should the NSA have all of this power?"
Forget the myth of the Bad User. Enough projection. We should all be hackers; we should all be thoughtful masters of our toys. Let us face our technology, and the hands that make it. Hacker, hack thyself.