this post was submitted on 03 Sep 2022
17 points (75.8% liked)

Security

5010 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS
17
submitted 2 years ago* (last edited 2 years ago) by jonesv@lemmy.ml to c/security@lemmy.ml
 

Users of the Signal messaging app got hit by a hacker attack. We analyze what happened and why the attack demonstrates that Signal is reliable.

you are viewing a single comment's thread
view the rest of the comments
[–] rysiek@szmer.info 3 points 2 years ago* (last edited 2 years ago) (3 children)

First, I did not make the title, I just linked an article.

Great. No need to take stuff personally. But since you did: one thing you could have done is to replace "hackers" with "[malicious actors]" (yes, in square brackets, to signify modification).

Second, I get that you wish people did not use the word “hacker” the way they do, but… isn’t it how natural languages work? Words mean what people them for. I wish “crypto” did not mean “cryptocurrencies”, butibn many contexts it does. That’s life.

I linked to the specific entry on my blog, because I expected that exact type of response. I give pretty specific arguments why I find the abuse of the word "hacker" problematic. And not just from the perspective of hackers (i.e. tinkerers, techies, etc) themselves, but also from the broader perspective of being able to have informed public debate about information security.

You are using the same argument that has been used against Black activists trying to reclaim the N-word, and against LGBTQ+ activists who tried to reclaim the F-word. And you know what? They both succeeded.

So there's that.

[–] jonesv@lemmy.ml 0 points 2 years ago* (last edited 2 years ago) (2 children)

So you're saying that a "black hat hacker" cannot exist, because by definition a hacker is not a malicious actor. So everyone who is using the word "blackhat" is disrespectful towards those who identify as "hackers", as much as using the N-word or F-word is disrespectful towards the respective communities. Am I getting that right?

[–] rysiek@szmer.info 2 points 2 years ago (1 children)

So you’re saying that a “black hat hacker” cannot exist, because by definition a hacker is not a malicious actor.

I never said that. I said:

Can we please stop using the word “hacker” when we mean “cybercriminals”, “attackers”, “malicious agents”?

Many of these cybercriminals, attackers, and malicious agents are, in fact, hackers. They are also techies. Would it make sense to say "Signal got hit by a techies' attack"? No, obviously not — one chooses the most specific term that fits in the context. But "hacker" is not that in this particular case.

If a bank is robbed and it just so happens that every single member of the robbers' team happens to be a driver, would you write "Bank robbed by drivers"? Or, to be even closer to the absurdity in that article, "Bank driven by drivers"? No, that would be silly. You would write instead: "Bank robbed by robbers".

So instead of writing "Signal hacked by hackers" it really makes way more sense (and happens to also be more informative) to write "Signal attacked by state-sponsored attackers", or whatever the specific case might be.

So everyone who is using the word “blackhat” is disrespectful towards those who identify as “hackers”, as much as using the N-word or F-word is disrespectful towards the respective communities.

No, but I would agree that people who knowingly misuse the word "hacker" when they mean "attacker", etc., are disrespectful to the amazing, creative, inventive and inspiring people who often identify themselves as "hackers". Come to a hacker con or camp one day and maybe you'll get it.

I getting that right?

No, you are clearly arguing in bad faith, trying to put in my mouth something I did not say. And you know it very well.

[–] jonesv@lemmy.ml 2 points 2 years ago

So instead of writing “Signal hacked by hackers”

Pretty sure it was "Signal attacked by hackers", but I get your point about "Signal hacked by hackers", though I don't think this would be worth an entire blog post :-).

trying to put in my mouth something I did not say.

On the contrary, I am trying to reformulate what I understood, so that you can confirm (or not) that I got your point. Don't assume that people who disagree with you are in bad faith, and you'll generally have a better experience communicating.

Anyway, that's not constructive, let's stop here.