Hacking the news

I have no idea how widely this was reported; I suppose chances are pretty good that anyone reading this entry already knows about it, but I figure it's worth tossing in just in case. Hacker Adrian Lamo, who's exposed some major security holes in various pieces of software, managed to break into Yahoo!'s network and modify news stories posted at Yahoo! News. He did it by changing settings in his Web browser, without even having to enter a password. Yahoo! has since closed the security hole. Says Lamo: "At that point I had more potential readership than the Washington Post."

In other electronic-security news, there are of course murmurs going around Washington about requiring all crypto systems to have US Gov't-accessible back doors built in, a la the Clipper Chip. Good article on government access to encryption keys at SecurityFocus. I admit that some of the risks the security experts are warning about sound like excuses to me; if I were on the other side of the debate, I'd be inclined to say something like "Well, those are flaws in the proposed execution, not in the idea." But others of the risks mentioned do sound pretty serious to me; and for me, the civil-liberties argument is at least as compelling as the technical argument. ...The phrase "If strong crypto is outlawed, only outlaws will have strong crypto" (which doesn't appear in that article) makes me wonder, though, how strong the parallels are to gun control, and whether that should make me feel differently about the possibility of gov't restriction on crypto. I don't think so, but I ought to think more carefully about it to be sure.


"Yahoo! News Hacked" (SecurityFocus)

Join the Conversation