"The Guardian" has been rightfully praised for its role in exposing the "News of the World" hacks. In a world often concerned that the shift to digital has sounded the death knell of "accountability journalism," it's refreshing to see that it's still going strong.
The scandal has raised plenty of questions about the ethics of checkbook journalism, the cozy ties between the government and the media, and the role of relying on shady intermediaries like private investigators. What it hasn't done is brought up much discussion about the ethics of hacking.
We live in an age of hacking. The bar for expertise has been lowered. Week in, week out, some corporation is being hacked by someone or other. Credit-card numbers are lost; unencrypted passwords are posted online. Kids with virtually no technical knowledge can take part in a disabling distributed denial of service (DDoS) attack or play around with malicious bits of code. For many hacking has become like a video game: anyone can do it and it is still abstract enough to destroy any empathy the hacker might have for the victim.
The moral high ground "The Guardian," "The New York Times," and much of the liberal press have taken on #hackgate would make sense to me, were it not for their cooperation with WikiLeaks.
(This isn't meant to be a shrill exercise in moral equivalency, to somehow excuse the terrible things the "News of the World" has done, but rather an attempt to wrangle with the ethics and morality of hacking, a subject I have covered on this blog.)
The official WikiLeaks line is that they don't hack -- rather they are just a repository for information, a safe digital haven for leakers. That's all very well, but how can news organizations working with WikiLeaks be so sure that their documents haven't been obtained by hacking?
There have been plenty of accusations and reports that WikiLeaks -- run by Julian Assange, who is after all a convicted hacker -- isn't just sitting around waiting for leaks but is actively going after them.
In Raffi Khatchadourian's "New Yorker" profile in June last year, it was claimed that WikiLeaks had snooped on traffic to get its first big cache of documents. From "Wired":
WikiLeaks, the controversial whistleblowing site that exposes secrets of governments and corporations, bootstrapped itself with a cache of documents obtained through an internet eavesdropping operation by one of its activists, according to a new profile of the organization's founder.
The activist siphoned more than a million documents as they traveled across the internet through Tor, also known as "The Onion Router," a sophisticated privacy tool that lets users navigate and send documents through the internet anonymously.
This was subsequently denied by Assange, who said that the "New Yorker" and "Wired" got it wrong.
Then in January of this year, there were new allegations that WikiLeaks had snooped on photo- and file-sharing networks to gain information:
(UPDATE: A reader on Twitter, @M_Poulet, points to a piece in "Forbes" where Tiversa seems to backtrack a bit. Certainly not a smoking gun, but still very hazy.)
Of course scraping peer-to-peer networks for rogue files isn't perhaps as serious as hacking into a dead teenager's phone, but the methods, if true, are still pretty dubious. (It is still accessing someone else's information without their knowledge.) And these are just the methods that have surfaced, although denied by WikiLeaks.
Above all, it does underscore the point about intermediaries and whether journalists have done enough due diligence to ensure that they have obtained their information by legitimate means -- that applies to grubby private investigators that leech off Fleet Street but also to hackers-turned-international-freedom-fighters like Assange. Read anything about Assange and it's clear that his own organization's accountability is the least of his concerns.
The question then is whether we are against hacking in journalism per se, or whether, despite its illegality, it depends on who the targets are. If the latter, the even thornier question is whether exposing information obtained by hacking can be seen as being in the public interest.
At Wired State, blogger Cathy Fitzpatrick is unequivocal:
Hackers are a hard bunch to define. It is a loaded term that means different things to different people: from the ultimate dark hat living in the shadows and stealing credit-card numbers to the white hat exposing security holes so the rest of us can live a more secure life online. Hacking is about the joy of code. It is about taking things apart to understand how they are built and how they can be built better. But while every religion has its aesthetes, it also has its pedophile priests.
We often judge hackers by who they hack. If they hack someone we don't sympathize with, we tend to see them as heroes, or at least confused teenagers, or pranksters, who are only doing it to get noticed and land a job at Google. If, however, we might sympathize with the target of the hack, then the hacker is an unscrupulous and malicious black hat, corrupted by money or power. Our hackers are hacktivists; your hackers are hacks.
Now another report has surfaced at "The Nation" talking about a "brain room" at Fox News, a "special-security-clearance-only bunker" for phone hacking. Sounds scary, right? Hackers able to access any information, working outside standard journalistic procedure, with little transparency or accountability. Sounds a bit like WikiLeaks.
The scandal has raised plenty of questions about the ethics of checkbook journalism, the cozy ties between the government and the media, and the role of relying on shady intermediaries like private investigators. What it hasn't done is brought up much discussion about the ethics of hacking.
We live in an age of hacking. The bar for expertise has been lowered. Week in, week out, some corporation is being hacked by someone or other. Credit-card numbers are lost; unencrypted passwords are posted online. Kids with virtually no technical knowledge can take part in a disabling distributed denial of service (DDoS) attack or play around with malicious bits of code. For many hacking has become like a video game: anyone can do it and it is still abstract enough to destroy any empathy the hacker might have for the victim.
The moral high ground "The Guardian," "The New York Times," and much of the liberal press have taken on #hackgate would make sense to me, were it not for their cooperation with WikiLeaks.
(This isn't meant to be a shrill exercise in moral equivalency, to somehow excuse the terrible things the "News of the World" has done, but rather an attempt to wrangle with the ethics and morality of hacking, a subject I have covered on this blog.)
The official WikiLeaks line is that they don't hack -- rather they are just a repository for information, a safe digital haven for leakers. That's all very well, but how can news organizations working with WikiLeaks be so sure that their documents haven't been obtained by hacking?
There have been plenty of accusations and reports that WikiLeaks -- run by Julian Assange, who is after all a convicted hacker -- isn't just sitting around waiting for leaks but is actively going after them.
In Raffi Khatchadourian's "New Yorker" profile in June last year, it was claimed that WikiLeaks had snooped on traffic to get its first big cache of documents. From "Wired":
WikiLeaks, the controversial whistleblowing site that exposes secrets of governments and corporations, bootstrapped itself with a cache of documents obtained through an internet eavesdropping operation by one of its activists, according to a new profile of the organization's founder.
The activist siphoned more than a million documents as they traveled across the internet through Tor, also known as "The Onion Router," a sophisticated privacy tool that lets users navigate and send documents through the internet anonymously.
This was subsequently denied by Assange, who said that the "New Yorker" and "Wired" got it wrong.
Then in January of this year, there were new allegations that WikiLeaks had snooped on photo- and file-sharing networks to gain information:
Tiversa Inc., a company based in Cranberry Township, Pennsylvania, has evidence that WikiLeaks, which has said it doesn’t know who provides it with information, may seek out secret data itself, using so-called “peer-to-peer” networks, Chief Executive Officer Robert Boback claimed. He said the government is examining evidence that Tiversa has turned over.
(UPDATE: A reader on Twitter, @M_Poulet, points to a piece in "Forbes" where Tiversa seems to backtrack a bit. Certainly not a smoking gun, but still very hazy.)
Of course scraping peer-to-peer networks for rogue files isn't perhaps as serious as hacking into a dead teenager's phone, but the methods, if true, are still pretty dubious. (It is still accessing someone else's information without their knowledge.) And these are just the methods that have surfaced, although denied by WikiLeaks.
Above all, it does underscore the point about intermediaries and whether journalists have done enough due diligence to ensure that they have obtained their information by legitimate means -- that applies to grubby private investigators that leech off Fleet Street but also to hackers-turned-international-freedom-fighters like Assange. Read anything about Assange and it's clear that his own organization's accountability is the least of his concerns.
The question then is whether we are against hacking in journalism per se, or whether, despite its illegality, it depends on who the targets are. If the latter, the even thornier question is whether exposing information obtained by hacking can be seen as being in the public interest.
At Wired State, blogger Cathy Fitzpatrick is unequivocal:
It truly boggles the mind, how many people are plussing up the Google+ waves with puffed-up chests in indignation about what Murdoch's paper has been caught doing who were never, ever available to utter a word of criticism about WikiLeaks, doing the exact same thing (and, arguably, with more far-reaching damages to more people and governments around the world).
To my mind, they are very similar; hacking is wrong, unethical, and criminal in both cases and should be prosecuted, and yes, in both cases, there is not a direct relationship to actual hacking, but intermediaries are used. That doesn't sanitize it in either case.
To my mind, they are very similar; hacking is wrong, unethical, and criminal in both cases and should be prosecuted, and yes, in both cases, there is not a direct relationship to actual hacking, but intermediaries are used. That doesn't sanitize it in either case.
Hackers are a hard bunch to define. It is a loaded term that means different things to different people: from the ultimate dark hat living in the shadows and stealing credit-card numbers to the white hat exposing security holes so the rest of us can live a more secure life online. Hacking is about the joy of code. It is about taking things apart to understand how they are built and how they can be built better. But while every religion has its aesthetes, it also has its pedophile priests.
We often judge hackers by who they hack. If they hack someone we don't sympathize with, we tend to see them as heroes, or at least confused teenagers, or pranksters, who are only doing it to get noticed and land a job at Google. If, however, we might sympathize with the target of the hack, then the hacker is an unscrupulous and malicious black hat, corrupted by money or power. Our hackers are hacktivists; your hackers are hacks.
Now another report has surfaced at "The Nation" talking about a "brain room" at Fox News, a "special-security-clearance-only bunker" for phone hacking. Sounds scary, right? Hackers able to access any information, working outside standard journalistic procedure, with little transparency or accountability. Sounds a bit like WikiLeaks.