PC security has garnered a number of headlines recently, and with the rise of technology at home and work, and our increasing dependence on it, these issues will continue to grab the spotlight.
No one wants to think that their personal files or information about themselves can be violated. Ignorance is often bliss. I am sure the people who registered at the GST Assist site a few months ago will back me up on this. They received an e-mail from someone who had gained access, quite easily, to their personal information due to a security breach on the site.
"The Web site at http://www.gstassist.gov.au/ has a serious security flaw which permits access to your private details, including your bank account information."
When you discover your sensitive personal information is vulnerable and accessible, you want answers, not excuses. Yet once alerted of the security flaw, the immediate response from Treasury officials was to issue the following statement.
"It has been established that the GST Assist site was improperly accessed and data extracted by a hacker," reads the statement.
This is a common response by everyone when there has been a security breach. Blame the hacker first, question your level of security second.
Last month, PC World featured an article on personal firewalls, "Make your PC hacker-proof". A few years ago, most people wouldn't have considered PC security to be much of an issue, or even given it a second thought. But with more people connecting to the Internet at home and work, the connection to the outside world can leave us open to attack. Coupled with the rise of e-commerce, and more of us than ever before shopping for Christmas or banking online, this means that we need to know that our personal information is secure, and won't be accessed by unauthorised assailants.
The term hacker is commonly used to paint a picture of a geeky teenager, keying away in a bedroom accessing your credit card credentials online, for a few hours of instant wealth. Of course, the negative connotation of hackers in the press gets many supporters fired up. Below is an edited extract of one such response from a passionate hacker and PC World reader to the use of the term hacker in the personal firewall feature.
"A hacker is not someone who runs a DoS (denial of service) program on someone's Web site or computer, nor is it someone who invades computers to trash them. Running a Trojan program to gain access to a Windows computer is not hacking, either, partly because it is unethical and partly because no skill is required. All of these things go seriously against the ethics of a hacker.
"There is no such thing as a malicious hacker. Breaking into someone's computer to trash it is called cracking, and hackers disapprove of crackers. Hackers think that crackers are lazy, irresponsible people, who cannot be bothered to learn anything, so they use Trojans and DoS attacks to cause damage for no reason. Hacking is a skill, and white hat hackers are very highly paid indeed, and the majority learned their skills from the computer underground. Hackers are not bad." - Saad HafizSo, who are the hackers? Are they "just souls whose intentions are good"? This month's feature on "Hackers exposed: online terrorists or the new Net police?" throws a new light on hackers. Who knows, you may end up seeing this maligned group as the new heroes in our technological society.