The small community newspaper where I grew up, The Sentinel, once manufactured a story during a slow week
by fixating on a letter writer who complained that their frontpage could be relied upon to cover the most
depressing news imaginable: murder, robbery and suicide weren't particularly common within the
community, but they certainly did dominant the cover. The paper's defense was rather simple:
fear-mongering was essential for circulation numbers; they'd once tried focusing on more positive
stories, but their sales went down, so they maintained the negative focus out of economic necessity.
Keeping newspapers alive by intentionally misleading readerships shares a strong parallel with the tragic case of
Terri Schiavo: at great medical effort we can maintain a body's
function, but without a soul the function loses purpose. Cherish the memories, but depart the past.
Of course, even in my flawed memory this recent wave of internet warfare hype
seems a bit too familiar. Haven't we already done this one? Can't we remember the embarrassment of the first crackers-are-going-to-get-you wave which
culminated in articles like this Special ReportAnatomy of a hacking?
These articles have more in common with a Tom Clancy novel than with reality. Just feel the surge of adrenaline
from these excerpts (all from the New York Times piece linked above):
The exotic nature of the work...
It's exotic like working in Quality Assurance is exotic. The difference is
these elite cyber-assassin commandos don't report their bugs to the developers, but keep them to themselves.
I can only imagine the pain that these highly train professionals feel when the engineers developing the software fix bug they have discovered. It must feel like being robbed, which I suppose is--in a sense--somewhat exotic.
...thousands of "hacker soldiers" within the Pentagon...
No, not really. Unless you mean programmers who work for the Pentagon, in which case, technically yes, but still no, not really.
The companies have been moving quickly to lock up the relatively small number of experts with the training and creativity to block the attacks and design countermeasures.
You could be forgiven for misunderstanding after reading this quote, but it turns out that this line of work is predominantly quite mundane. Individuals take widely known attack vectors, which is a glamorous term for problems with software.
They then take this list and start writing scripts to exploit these various problems. Bowing to the law of large numbers, some exploits are undoubtedly
quite clever, but mostly they are predictable exploits of common errors in code.
Discovering these exploits is an exercise in tedium. It is quite similar to performing academic research, but
generally without the opportunity to publish your findings (especially for these vaunted cyber soldiers, if their discoveries
are published then their value is eroded, whereas professional security researchers can make a great game of publicly shaming
companies for vulnerabilities and thus heroically exposing the company's users to great potential harm).
...running advertisements for "cyberninjas"...
Hmm. About that.
...the most cutting-edge work...
I the specificity of this phrase, but I'm conflicted because I'm pretty sure it doesn't mean anything. Foremost, software engineering isn't a field
that is changing at the speed of light. Sure, we keep changing the wallpaper, but the foundation hasn't shifted much in a few decades. Where it
has shifted, it has been largely from infusions from other fields like psychology, with research on communication and work habits.
...even the existence of research on cyberweapons was once highly classified...
This is a literary flourish to continue thrilling the spy-novel reader deep inside your heart.
True, it was undoubtedly classified, but even if the president's exact location this evening
is classified, you know he's almost certainly going to be eating dinner.
...set up "honey pots", the equivalent of sting operations, to lure hackers into digital cul-de-sacs...
Ack. Token usage of a quasi-technical term mixed with ambiguous verbiage. Which, when you come to think of it,
happens to summarize most coverage on the upcoming cyber-trench-hacker-soldier-warfare-armageddon or whatever
the hell it is supposed to be.
Although you might imagine that the sudden increase of news articles means today you are more vulnerable than yesterday,
or at least more vulnerable than a decade ago, but--be reassured--you aren't. New buzzwords, but the same old schtick.