Hot on HuffPost Tech:

See More Stories
Engadget for the iPhone: download the app now
AOL Tech

News flash: everything on the Internet is hackable

This weekend, Gawker Media had its primary database compromised. In this monstrous breach, not only did 1.5 million users have their privacy breached and email address stolen, but they also had their passwords cracked. In a day and age where the currency of our email address and password -- and thus our identity -- is only superseded by our bank details, it's fair to label the Gawker breach as abominable.

Like all major disasters, though, this hack serves a higher purpose: it's now blatantly clear that you should not trust a website with sensitive details about yourself. There have been other hacks, of course; higher profile hacks (like the TJ Maxx debacle), with millions of credit card and social security numbers vanishing into the ether, causing billions of dollars of damage.

But they pale in comparison to the Gawker hack for one reason: it directly affected a huge swathe of the noisy, foot-stomping and petulant tech blogging minority.


Think about it: war is a terrible thing, but as long as it's happening far away and no one close to you dies, life marches on. By analogy, imagine if Habbo Hotel had been breached, rather than Gawker. "Poor kids" we'd mutter to ourselves, both unaffected and unfazed. It would probably warrant a couple of blog posts on Mashable, nothing more.

The Gawker hack, on the other hand, has brought the war and its dangers to our doorstep. Through reckless arrogance, the Gawker bloggers attracted the attention of a group of hackers, called Gnosis, that summarily taught them, and the world, a lesson.

While the hackers disclaim any connection to 4Chan, they admit in an interview that Gawker's earlier spat with 4Chan is what brought them into focus. As always with such hacks, Gnosis stresses just how easy the hack was. "Anyone could have gotten their hands on this info." And therein lies the problem: No one is safe from hacking. Even a modern, Web-based company with tech blogs like Lifehacker, Gizmodo and Kotaku was woefully insecure with passwords that could be cracked with antiquated hardware.

Later in the same interview, Gnosis says rather plainly "everyone is fair game on the Internet," which is true. The unstoppable march of technology and Moore's Law has taught us time and time again that, eventually, given enough time and determination, every wall will fall. It's unforgivable that Gawker used a disgustingly out-dated encryption method to hide its passwords. It's also hilariously awful that they thought their database was secure -- but ultimately it's neither here nor there. The fact is, hackers got into the system, and they could have done a lot worse than simply making the names and passwords public. There are military and governmental names in that database, and I bet there are some Microsoft and Google employees in there, too. Gnosis could have kept the entire hack private, and quietly extracted billions of dollars of intellectual property.

Data theft & democracy

This isn't something new, incidentally: data has been stolen since the beginning of time. Data -- knowledge, wisdom -- is the single most valuable creation of human culture. Once upon a time it was wax cylinders and sheets of papyrus that got stolen, and today it's digital files. It's humbling, and terrifying, but there's nothing we can do about it. Hacking, or modern-day data theft, is simply inevitable. If Gnosis doesn't hack your database, someone else will.

Don't be tempted to blame cheap computers and faster processors for the problem, either. The real culprit is the Internet, a humble slave of a network, where status and rank have no currency, and every peer is ultimately equal. Any one of us is fair game. The Internet is democratization at its most pure, where speech is truly free and no single opinion has more intrinsic value than the next. The Internet is a classless society, and anyone that thinks otherwise will quickly be knocked down to size.


But what can be done about it? Is there no recourse, no sanctuary? You can start by choosing a secure password, but that won't help you if the custodian of your password is reckless. It's like giving a house key to a teenager -- safe enough, but more risky than not giving them a key. Using a different password for every website is a better solution. Of course, you could simply never sign up for anything -- but in a society that is fast becoming Web-centric, it's not like that's a real option.

Really, if the Gawker hack has taught us anything, it's that no one -- especially tech bloggers -- should consider themselves loftier or more important than anyone else on the Internet. In fact, while the Internet is classless, there are strata, but there is only one divisor: knowledge. Military might, witty words and authority mean nothing on the Internet; only knowledge will set you apart -- and above -- from anyone else, and only knowledge will keep you safe.

Since writing this, it seems both DeviantART and McDonalds have also had their databases compromised. More details to follow.

Tags: crack, data, encryption, espionage, gawker, hack, internet, op-ed, opinion, password, security, web