Date: May 12 2012
Last week I was struck by the oddly parallel lives of two men identified as ''hackers'' in the media.
One, George Hotz, was the inadvertent catalyst behind one of the biggest ''hack wars'' ever, which led eventually to the hacking of Sony's enormous worldwide PSP network. The hack exposed the addresses, passwords, birthdays and email addresses of 77 million PSN (Play Station Network) subscribers.
The other man, identified by The New York Times as Marius Milner, is purportedly the ''rogue engineer'' behind the furore over Google's Street View service and the capturing of millions of people's private data.
For Hotz's full story, David Kushner's excellent story ''Machine Politics'' in The New Yorker is well worth a read.
But to summarise, Hotz rose to hacker fame by being, back in 2007, the first person to hack the brand-new iPhone. He was 17 years old at the time. In 2009, having successfully hacked later versions of the iPhone, he decided on a new challenge, the previously unhackable Play Station 3 from Sony. Hotz admits this was no easy task, but eventually in January 2010 he managed it, announcing on his blog: ''I have hacked the PS3.''
Sony soon disabled the original hack but later that year Hotz tried again, finally achieving complete control of the device in December. Sony reacted strongly to this hack, instigating a lawsuit against Hotz in early 2011 - and that's when things really went crazy.
Hotz's battle with Sony was taken up soon after by worldwide hacker group Anonymous, a collection of ''hactivists'' responsible for huge coordinated attacks against US government websites and many others worldwide.
In support of Hotz, Anonymous initiated a DOS (Denial of Service) attack against Sony.com and Playstation.com, overloading and taking down both sites. Then in April 2011 Sony engineers discovered that the PSN had been hacked, exposing the personal information of millions of Play Station subscribers.
Hotz condemned the actions of the hackers, though, as Kushner describes it, Hotz ''knew he had helped loosen a boulder that was now crashing down a hill''.
Milner, who describes himself as a ''hacker'' on his LinkedIn pages, has a less dramatic but still damaging story - at least in terms of damage to people's privacy.
It has emerged that between 2007 and 2010 Google, while driving around the streets of the world collecting data for Street View, was also collecting other stuff, notably packets of Wi-Fi data. At first Google claimed the data had been collected ''by accident'' and also that the data collected was ''fragmentary''.
Details emerged last week after a thorough investigation by the US Federal Communications Commission that make it clear both the above claims were untrue. Entire emails and passwords were collected by software specifically written to do this, software written by Milner.
Milner wrote the software on his ''20 per cent time'', the time Google allows its employees at work to pursue things that interest them. However, Milner was not part of the official Street View team, nor was he a very senior employee at Google.
As the FCC report explains, ''the engineer who wrote the code to capture the data told his managers about it. He told his colleagues about it.''
If those in charge of Street View approved the software to be included in the collection of Street View data, then this was not a ''mistake'' by Google but rather a knowing intrusion into private data. If they didn't approve it, then it smacks of horrible incompetence and woeful management practices.
George Hotz has said he is a proponent of ''freedom of information'', and referred to that motivation as one of the reasons he hacks. He's not out to harm anyone, just to beat the system, to expose flaws; he's ''a personification of freedom for all''. Yet a great deal of harm has been done in his name. It's more than hypocritical for Hotz and other hackers to advocate ''freedom of information'' then shut down the PSN network and remove access for millions of users, or expose their personal details on the internet.
But Hotz is surely a more innocent player here than Google. Yes, he willingly acted in a way that he knew was against the law, but he was more than open about it. Google, on the other hand, has tried to cover its sins up from day one, blaming rogue engineers, saying it was all a mistake, saying that there was no ''actual harm'' done. But the FCC report proves that most of those statements are untrue. It seemed to take an awfully long time for Google to admit any wrongdoing, let alone what the details were.
Hotz may have been a naive catalyst for hacking, but Google did it with its eyes wide open.
This material is subject to copyright and any unauthorised use, copying or mirroring is prohibited.
[ Canberra Times | Text-only index]