Watching the news over the last few days, it’s pretty much been wall-to-wall coverage of the Air France crash off the coast of Brazil. And, as has been historically the case when such tragedies occur, the news media isn’t exactly doing a bangup job of being the calm voices of fact and reason. Patrick Smith, in his Ask the Pilot column, regularly does an awesome job of pointing out the shortcomings of the media when it comes to aviation-related subjects. But, watching this coverage, and reading Smith’s latest column, made me think of another subject where the media tends to err on the side of sensationalism without a whole lot of regard for accuracy: a topic near and dear to my own heart, information and network security.
One doesn’t have to look far to find a particularly fact-challenged depiction of security topics in the media. Take this article for example, reporting on the near-total meltdown of the new pay-parking system deployed in the city of Chicago. Here they are quoting some self-appointed “hardware security expert”, who raises the specter of hackers, and specifically calls out Chinese hackers as being a possibility, without even the minutest shred of evidence to suggest that was the case. In fact, simply disabling pay-parking kiosks isn’t even CLOSE to the typical M.O. of Asian cracker groups, as there’s not really a lot of profit motive in just shutting the kiosks down. (there is the prospect of extortion, but that doesn’t seem likely to be the case here, either)
So, why would someone make such wildly-uninformed speculative statments to the media? Simple: it sounds just plausible enough to a person not otherwise versed on the subject that it would create an air of credibility, whereas simply saying “I don’t know what happened, and no one else really does” doesn’t make for a good soundbite.
Here’s another, particularly egregious, example. This video takes the repeat defacement of some kid’s Myspace page, and actually tries (and fails) to connect it to terrorism, even going so far to show a van exploding not once, but twice, the second time in super-slow-mo. (for emphasis, I suppose) When I watch a video like that I get this mental image of the promo they probably aired before the news that evening; I’m imagining that it sounded something like: “Internet hate groups – are YOUR CHILDREN at risk? Tune in at 11 for the full Fox11 investigation”
Here’s a little speculation of my own: Terrorists with the means, motive, and opportunity to blow up a van in a public place couldn’t possibly care less about your Myspace. My personal guess is this kid just pissed off someone on 4chan, and was stupid enough to get social-engineered into installing a keylogger on his box, which explains why his page is was getting owned despite the fact that he had changed his password a few dozen more times. With the keylogger retrieving his password (and everything else he types) and sending it to points unknown, the 4chan crowd then used that information to have an absolute field day screwing with this guy. Their actions were about as harmful as a prank call, and just about as emotionally mature.
But, a person who doesn’t have a background in information security (meaning, 99% of the American population) would be likely to listen to this reporter and come away thinking that out there on the internet, there is a group called “Anonymous” that is basically the second coming of Osama Bin Laden, bent on the abject destruction of everything holy. They even go so far as to cite the case of some moron who thought that just because he didn’t use his real name, he was truly anonymous, and decided to make bogus bomb threats against football stadiums. Clearly criminal, clearly stupid, but it’s ridiculous to lump someone like that in with the people who really have the means, motive, and opportunity to blow things up.
But, like in aviation, being the voice of calm and reason when it comes to information security isn’t good for ratings, right?
Comments
Leave a Reply
Ed Mahoney on 06.08.2009
The media has lost credibility for many. I’m never sure myself when I’m actually viewing infotainment. I am becoming more comfortable with subscribing to tweets and blogs as I find “trusted” sources of information I rely upon.
The opinions voiced here are purely personal and they do not in any way represent the opinions, experiences or directions of my immediate management or employer.