Tuesday, June 30, 2009

False sense of security

Superhacker Max Butler Pleads Guilty

When Max Butler was 25, curiosity led him to hack into Pentagon computers, where he promptly closed security holes he found, effectively making the network more secure. The Pentagon immediately hired Butler as their new head of network security. No wait, they actually put him in jail, where he met real criminals and taught them how to steal credit card numbers.

What have we learned from this story?
  1. Not only does our justice system fail to deter criminal activity, it actually creates more sophisticated criminals

  2. The Federal Government is not interested in improving security, only in prosecuting offenders (that they know about) long after the breach occurs
This is one of my biggest pet peeves: security by threat of prosecution. I would say this is the bureaucratic equivalent of closing the barn door after the horses have gone, but all they're really doing is scolding the horses.

Bad horse! See that barn door? I'm going to leave it wide open. Do not run through it again, or else!

No comments: