is the "epic hack" story all that it seems?

This piece by Wired's Mat Honan has been getting a lot of play this week, and it should. I found it deeply unsettling, and amping up my digital security has been moved up to the top of my "to-do" list for this weekend. This is clearly the intended result.

Seriously, you should go read it right now, if you haven't already. Unless you live off the grid (and if you are reading this, you do not) this applies to you.

That said, there was a brief moment in NPR's coverage this morning that struck me as...not quite right. What follows is my transcription:

NPR: Now, you know who these hackers are because you've been in touch with them.

Honan: That's right, I set up a second Twitter account that night, and began communicating with the people who were in control of my Twitter account. I told one of them--and I've really only been in contact with one of them--they were apparently working as a team--that if he would tell me how he did all of this, that I would not press charges or take any action. So he then walked me through all the steps, and it was really eye-opening. 

OK, I understand that Honan is a writer who specializes in precisely these sorts of issues, so the notion that he's willing to forgive and forget such a devastating theft and invasion of his privacy for the sake of writing what could very well be the piece of his career--and one that will do a great deal of good--is entirely plausible. And he has a big enough presence on the web that it isn't hard to see why hackers might consider him an attractive target.

Here's what I have a hard time believing: that the hackers would do something like this, and then communicate with their victim, and give him exactly the information that he needs to write the story of his career. Doesn't that strike you as...a bit too good to be true?

I want to be really, really clear here that I am not accusing anyone of anything, and that I have nothing to base this question on other than my own bullshit detector. Maybe Honan really was that "lucky" and really is that magnanimous. And if so--good for him. Like I said, the information on security vulnerabilities he's putting out there is stuff people need to hear.

And hell, maybe the hackers see themselves as white hats, and exposing the security holes in Apple et al. was their ultimate goal to begin with, and that's why they hit Honan. After all, they probably could wreaked havoc on his credit cards or bank account if they wanted to. (And they probably could have targeted someone who has a hell of a lot more money than I imagine Honan does.) But to believe that, you also have to believe that they correctly anticipated Honan would a) get in touch with them, b) not simply sic the authorities on them, and c) be willing to publish a story in which he looks like kind of the fool, for someone who has built a career as a tech-savvy guy.

Maybe so. But man, it just feels like a script to me, and I have to wonder what's gone into the fact-checking on this story.

1 comment:

local tourist said...

It sounds like Apple is doing more to respond to this simple hack than Amazon