Advertisement
calm down

Against Hack Porn

Media outlets often cover fanciful hacking techniques, but they need to make it clear that these attacks will probably never apply to most readers.

Joseph Cox

Image: Shutterstock

Using a drone mounted-laser to control malware through a scanner. Crafting malicious music that can surreptitiously affect Fitbits and other electronic devices. Hijacking computers to send sought-after data back to attackers through soundwaves.

Advertisement

These are all fanciful hacking techniques, pushing the expectation of what can be achieved and what is vulnerable in cybersecurity today. But, they are also prime material for becoming something else: what I call hack porn.

Over the top, gratuitous hack porn is constantly looking for the next elaborate way to break in, or demonstrating a hot new attack that may seem realistic and slick in the demonstration, but is nothing like the reality most people are going to face.

To be clear: this sort of research is, of course, still highly valuable, and it’s great that researchers are pursuing it. The experimental techniques of today may eventually trickle down to more ordinary cybercriminals, or at least a few of them, and so it’s worth knowing how they work. And lifting data via sound-waves or some of the other techniques are likely in the toolset of higher-end intelligence agencies, potentially allowing governments to find out how to defend themselves.

And it’s not to say that journalists shouldn’t cover such research—digesting a dense technical paper into something more accessible, perhaps for policy makers or anyone else, is part of what journalists do.

But, if the job of a journalist is to provide information that people can then use to make better decisions, giving top-billed space to hacks that won’t apply to ordinary readers could backfire.

Advertisement

Without the proper caveats, there is a danger that readers may come away more confused and worried about potential high-end hacking attacks, even though most of these techniques won’t apply to the vast majority of readers, even those reading a tech-focused publication. Readers might end up getting worried about laser-carrying drones when they don’t use two-factor authentication; not pay attention to the fact that internet-of-things device they just bought for Christmas may be inherently insecure, or perhaps have more concern for their computer’s soundwaves than the data breaches that plague consumers every single day.

When writing about this kind of research, it’s important for us to properly contextualize it and make clear that while a lot of these techniques are indeed cutting edge and cool, most of them are unlikely to ever be deployed against the average consumer; unless you just want to create a piece of hack porn.

More from motherboard