A lot of reports about hacking are way over blown stories about goblins and boogey men than real life. The public just doesn't know and doesn't want to know. The magic is more sexy than reality. 1984 when the movie war games came out I was working as a software engineer for an aerospace company and part of that year I was working on a project to upgrade the space defense operations center at norad. The movie was fun, entertaining, and all fiction. Norad in real life wasn't anything as sophisticated as they made it in the movie. Even the planned upgrades we were getting paid for didn't match the imagination of hollywood. No master computers. No way to actually to dial in. That's just silly. In fact, on the projects that I worked on that were classified, we normally had to work in 'tempest' facilities. Google it. These were vaulted areas that were designed to block any em waves. This one room I worked in had a 2 ton door that sealed off the room. You had to enter and exit thru something like an airlock and each time you came in or left you had to unseal this door and then seal it again. The seal was created by these pneumatic tires all around the door. Not only did these facilities not have any networking or dialup capability but the fed was so paranoid about leaks that they made people work in vaults that blocked em waves. Of course there were dial up systems in govt and commercial, but not classified systems. There was some networking of sorts. I mean in those days before PCs, the interface to the system was thru a network of computer terminals. I mean, out mainframe computers were located in a different part of the building from the computer terminals and connected by wires but part of 'tempest' was that the wires had to be encased in a particular way within steel tubes and visible at all times so we had glass ceiling tiles throughout the building where these wires in steel tubing could be seen at all times. To tap in, you'd have to access the panels from a public corridor with employees going back and forth and patrolled by security 24/7/265, and also security cameras. Nobody, and I mean nobody ever tapped into a tempest facility, except maybe in a hollywood movie.
Most hacking then and now is thru people who have inside information about a company or agency. If you look at the dnc hacking in 2016 it was basically just a phishing attack involving people who weren't paying attention. And btw, phone phreaking isn't really computer hacking; not in the 80s it wasn't. It was about how the phone system works. I can't recall the name but there's a really good documentary about a guy who invented things like conference calls and then was hounded out of the business by the telephone companies. To solve his money problems he created a black box that prevented anyone from tracing calls. He was probably the very first phone hacker. Mitnick gets the publicity thru self marketing and the real geniuses get forgotten.
Several years later I was working for a mainframe manufacturer that sold and serviced computers to some of the largest corporations on the planet. During the 80s and early 90s most people aren't aware but there was little to no security built into the infrastructure around these computers, unless it was added by the customers, because no one thought it was possible that someone could tap into the comm lines. I mean, if you were sitting at a computer terminal and typed in your password, anyone who tapped into the comm line could discover someone's password. Was it possible? Sure, but I'm not aware of anyone who did. There were security holes in all of the system software and as far as I know, those have never been plugged. I know of at least one software product that was never fixed. I complained internally for years but for various reasons, management ignored the problem.
I'm not saying that hacking doesn't exist. You can trace hacking probably back to the 70s, and the spread of the internet has significantly increased the security risks. But, prior to the internet, I remember the days of worms and trojans and root kits, but guess what, when's the last time anyone complained a virus in the news. Is this because everyone is running virus protection. Yes, partly, but mostly it's because microsoft cleaned up their act and not only fixed holes in their software but fixed the development platform that all software developers need to write apps on a PC clone. Plus, it's far more attractive, easier and more lucrative to attack on the web than develop some malicious PC virus. My ex-company never did fix their security as far as I know, but their computers cost a min of 500k to start, and they didn't just sell to anyone so their security is more based on lack of access than anything else. But, I can't guarantee that anyone executing a financial transaction, such as a credit card purchase, or a bank withdrawal, used one of these systems at some point in the chain, and didn't know how vulnerable they were.
Most hacking then and now is thru people who have inside information about a company or agency. If you look at the dnc hacking in 2016 it was basically just a phishing attack involving people who weren't paying attention. And btw, phone phreaking isn't really computer hacking; not in the 80s it wasn't. It was about how the phone system works. I can't recall the name but there's a really good documentary about a guy who invented things like conference calls and then was hounded out of the business by the telephone companies. To solve his money problems he created a black box that prevented anyone from tracing calls. He was probably the very first phone hacker. Mitnick gets the publicity thru self marketing and the real geniuses get forgotten.
Several years later I was working for a mainframe manufacturer that sold and serviced computers to some of the largest corporations on the planet. During the 80s and early 90s most people aren't aware but there was little to no security built into the infrastructure around these computers, unless it was added by the customers, because no one thought it was possible that someone could tap into the comm lines. I mean, if you were sitting at a computer terminal and typed in your password, anyone who tapped into the comm line could discover someone's password. Was it possible? Sure, but I'm not aware of anyone who did. There were security holes in all of the system software and as far as I know, those have never been plugged. I know of at least one software product that was never fixed. I complained internally for years but for various reasons, management ignored the problem.
I'm not saying that hacking doesn't exist. You can trace hacking probably back to the 70s, and the spread of the internet has significantly increased the security risks. But, prior to the internet, I remember the days of worms and trojans and root kits, but guess what, when's the last time anyone complained a virus in the news. Is this because everyone is running virus protection. Yes, partly, but mostly it's because microsoft cleaned up their act and not only fixed holes in their software but fixed the development platform that all software developers need to write apps on a PC clone. Plus, it's far more attractive, easier and more lucrative to attack on the web than develop some malicious PC virus. My ex-company never did fix their security as far as I know, but their computers cost a min of 500k to start, and they didn't just sell to anyone so their security is more based on lack of access than anything else. But, I can't guarantee that anyone executing a financial transaction, such as a credit card purchase, or a bank withdrawal, used one of these systems at some point in the chain, and didn't know how vulnerable they were.
