I don’t want to live in a world where hacking comes in second to ISIS.
August 6, 2016 at Defcon 24
How to Overthrow a Government
[This is the white Australian Chris Rock, not the black U.S. Chris Rock.
This was his response to someone who said the biggest threats the world currently faces are, in order, ISIS, Hacking, … some other stuff. His point was that he thinks hacking should be number one in the list of threats to the world. Why should hacking come in behind a bunch of incompetent amateurs? So, he showed how hacking was used to create changes in the government of Kuwait a few years ago. At least that was strongly implied. It wasn’t clear to me whether this actually happened or was just a plausible explanation of what might have happened.
Here are some pictures from his presentation:
I have no idea what, if anything, that means. Do I have to watch the presentation to find out?
Yeah, I’m confused and glad to see it isn’t just me. Whew!
I will say that evil is still evil. It changes it’s name and adapts but;
ISIS = authoritarian mass murderers
Hacking = B&E and theft, sometimes espionage
Nope, still the same evil.
I updated the post to make things more clear. Let me know if it is still unclear.
Yes, that is much clearer.
There are a lot of doomsday scenarios involving hacking. Some of those are created by people who have no clue at all. Some are more plausible. A lot are unclear. For example, I don’t know enough about power grid control systems to judge whether they are vulnerable to hacking. Ditto cars. While some car designers are idiots, competent designers do not put the audio system and the engine control in the same computer, so while a hacker might inflict Barry Manilow on you, he would not be able to make your car speed up or stop in the middle of the highway. (Conversely, the fact that people could demonstrate this with a Jeep is prima facie evidence that those engineers are unqualified.)
In short, the demonstrated evil consequences of hacking, as opposed to the hypothesized ones, are few and far between and not particularly deadly. On the other hand, those of ISIS are very clear and obvious.
Rock claimed hacking into bank(s) and transferring government money to a politician which was then used as evidence the politician was corrupt. Hacks into the media put “news” on websites which did not come via official news sources. All seemed plausible.
I don’t know the current story on the power grid but 10 years ago it was very vulnerable to hacking.
I know a lot of cars have vulnerabilities. It’s not just Jeep.
Also, the computer systems on commercial airplanes has been shown to be vulnerable to passengers with a computer and the right software. It’s pretty bad.
Why move the money? That would definitely get the wrong attention if the plan was simply to defame some pol. Hmm. Of course, most cyber crime is just for bragging rights.
Paul, the “…the audio system and the engine control in the same computer…” are not the in the same computer, yes. But they are on the same network.
A antilock brake module is the same as a Bluetooth module on the CAN.
Like Borepatch says “Security wasn’t an afterthought: it wasn’t thought of at all.”
Nope, remote access is the primary design intent. Internet of things. SMART = tracking you.
But this Chris Rock “kills” people!
When delivering this presentation there were many things at play including legalities, reputation of an entire country and other things……….Fuk em, I presented anyway.