Tag Archives: computer code

A Hat of a Different Color

Dapper man in white fedora, face partially obscured.It used to be that computer hackers came in two shades, black hat and white hat. Black hat refers to the nefarious hacker illegally trying to exploit network and computer security holes for gain or simple malice. White hat refers to hackers trying to highlight security lapses in order to warn others and work to patch vulnerabilities. With the recent hack of Ashley Madison, it appears that there is a third type of hacker trying to right moral or political wrongs instead of or in addition to potential economic gain.

History

In the early days of hacking I read about the exploits of Kevin Mitnick. As a teenager, he hacked into the networks and systems of technology and telecommunications companies and spent over five years in prison on two different occasions after being sentenced on federal wire fraud charges. Much of his success he attributes to social engineering, or the ability to charm passwords out of unsuspecting people. Now he is an information security consultant. He is a case of a black hat turned into a white hat.

I also enjoyed the 1989 book “The Cuckoo’s Egg,” by astrophysicist Clifford Stoll, which relates the tale of tracking a hacker who broke into Lawrence Berkeley National Laboratory and used it as a jumping off point to burrow into military and defense systems. The hacker was eventually caught, with Stoll’s help, and it was discovered that he was selling stolen information to the KGB.

Computer hacking has existed since computers were connected together in a network and people sought vulnerabilities in the technology. As computer code becomes ever more complicated, it raises the possibility of errors that can and will be exploited by either the black hats for monetary gain or malice or the white hats trying to highlight the vulnerability.

Ashley Madison

The Ashley Madison hack seems at first blush to be a hack of a different color. AshleyMadison.com is a website that matches people seeking adulterous affairs. Hackers identifying themselves as The Impact Team took over the site and announced they had stolen identity information of 33 million subscribers and threatened to publish that information unless the parent company, Avid Life Media (ALM), agreed to shut down the site. It appears the hackers were angry over the content and purpose of the site but in their manifesto they also blasted the practice of ALM charging $19 to have a profile removed from the site. To prove that a profile was not completely removed from databases, they released the names of two members who had paid to be eliminated from the site.

Whether the hackers were incensed with the moral foundation of the site or the economical injustice against members, this seems to be a different type of exploit. The Impact Team could still demand ransom for the stolen information, in which case I would put them squarely in the black hat camp, or they could use this hack as a platform for their cause, whatever that may be. Either way, this will no doubt be a topic of conversation at the upcoming information security conference sponsored by the likes of Microsoft and Cisco, which is oddly named the Black Hat Conference.

Thoughts

What do you think? While hacks of this type are still clearly illegal, their aim seems to be to prove a point instead of seeking monetary gain or notoriety. I wonder what’s next? Other dating websites? Perhaps gambling sites? Let me know your thoughts.

Author Kelly BrownAbout Kelly Brown

Kelly Brown is an IT professional and assistant professor of practice for the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.

The Quest for Elegant Simplicity

Photograph of three stones stacked in the center of a pattern raked into the sand of a Zen garden.In our business solutions class we have been studying product and process innovation and the need to maintain the right balance between desired features and unmanageable complexity. After the recent high profile outages at the New York Stock Exchange and United Airlines, I wonder if the balance has tipped toward the latter. Both outages reportedly happened because of software upgrades and the interaction between the old code and the new code. In some instances, there is so much complex code that no one can tell what is going to happen.

Elegant Simplicity

I believe that there is a sweet spot between simplicity and complexity that I call elegant simplicity. Oliver Wendell Holmes Sr. is reported to have said: “For the simplicity on this side of complexity, I wouldn’t give you a fig. But for the simplicity on the other side of complexity, for that I would give you anything I have.” There is a big difference between crude simplicity and elegant simplicity. Perhaps you have come across a product, service, or process that is well thought out and just works, every time. Here are a couple of my favorites, and I invite you to write to me about yours.

Netflix

As I shared with our class, I love the Netflix service. I have been a customer for several years and it always works as promised. I am a DVD customer and I have established a personal queue from their selection. As soon as I am done watching the current DVD, I send it back in the prepaid envelope and the next one in my queue comes very quickly. They send me unobtrusive e-mails to let me know that they have received my DVD, and another e-mail to let me know that my next movie is on its way. I just received notification that they are consolidating both of those e-mails into one, to further reduce the mail in my inbox. They read my mind. Netflix does the job I need to have done and no more. They have fulfilled my definition of elegant simplicity.

Internet Radio

Another example of a product that for me just works is my internet radio. This is a recent purchase that I easily connected to my home sound system and my wireless router. I then found several stations that I listen to on a regular basis. This product is complicated, but the interface is intuitive, either from the front panel, the remote, or from the smartphone app. I can access several thousand stations and it delivers exactly what I need and no more. It can be as elaborate or as simple as I want it to be.

These examples highlight products that are complex under the surface but provide a simple user experience and are reliable. In these I have found elegant simplicity free of the complexity that could make them unreliable.

Thoughts

I am going to strive to find that spot of simplicity on the other side of complexity in my writing, my work, and my life. Will you join me? Do you have examples of products, processes, or services that make you smile? Our innovation class would love to hear from you and learn from your experiences.

Author Kelly BrownAbout Kelly Brown

Kelly Brown is an IT professional and assistant professor of practice for the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.