A Question of Security
The new year already looks set to usher in a new regime for the Internet in Hungary
One of Hungary's major access providers, Elender, had been hacked barely a week into the new year. The hacker or hackers were able to penetrate the user database, obtaining a list of user names and passwords of over two thousand Elender subscribers. This list was made public over the Internet, leaving the ISP affected scrambling frantically to implement a fix.
The hack comes at a time when questions have begun to arise over Internet security. Only a day before, a minor politician in Budapest was accused of uploading pedophilia to the web (Politicians, Police, and Pedophilia).
Among the general public, there still exists a certain apprehension about the Internet, despite the recognised need to learn about computers. This apprehension revolves around the common fears of data protection, pornography, and "harmful" content.
The Elender hack merely adds to the argument of those who feel a need to establish more stringent controls over computer-mediated media, including the establishment of an Internet police. Supporters of this idea point out that such enforcement already exists in Germany and the US, and that if these "great" democracies have it then so should Hungary. The title of a recent news report on RTL-Klub, one of the country's major television stations, is telling: "There's no Internet Police yet."
All too frequently, unfortunately, ideas are adopted in Hungary without properly thinking them through or working out the safeguards in order to check abuse. The idea of policing the Internet is merely the latest example.
Hacking in Hungary, like elsewhere, is not a rare event. Usually, academic institutions, mostly secondary schools and universities, come under some sort of attack. What was special about Elender is that it was the first time a major commercial access provider became the victim.
The incident is being treated as a criminal offense by everyone concerned -- including the mainstream media. As a spokesperson from Elender related, the attack is no different than a thief breaking into a house. To this extent, they have launched a complaint with the police.
According to the hack page where the compromised user names and passwords were posted, the reason for the attack was in protest against Elender's shoddy level of service. None of Elender's subscribers suffered any loss in terms of their data, and although the user names and passwords were made public, no confidential personal information was compromised. The only major inconvenience for users was the inability to use their accounts over the weekend, the attack happening late Friday or early Saturday, and users not informed of their new passwords until Monday.
At this point, it's too early to say what kind of public relations effect the hack will have on Elender, or other ISPs in general. Although the security breach was significant, the speed with which Elender handled the problem will no doubt reassure some of their subscribers. On the other hand, the fact that the attack was done in protest of the quality of service may lead some to have second thoughts.
For the hacking community, meanwhile, their image is sure to be tarnished by the attack. This contrasts sharply with a year ago when a special news report carried on television about hackers and crackers tried to cut through some of the hype. Then, it was recognized that some hackers engage in their trade not out of spite, but in order to bring to light some of the weaknesses in systems. In fact, as Howard Rheingold pointed out in an article entitled Innovation and the Amateur Spirit, "the original "hacker ethic," celebrated in Steven Levy's book Hackers before the term came to mean cyber-vandalism in the popular parlance, was a norm of cooperation."
The case of the Elender hack would seem to fall in this category, not only in the how the attack was carried out, but in some of the messages that appeared on the hacked site. Unfortunately, the mainstream media seems to have put an excessively negative spin on the entire incident. RTL-Klub noted that the attack was carried for "ideological" reasons.
Without probing further into the intricacies of hacker culture, no less carefully examining the circumstances surrounding the attack in question (i.e., the messages on the hacked site), fear and loathing has replaced critical analysis. Together with the perceived need of police surveillance to monitor online content, the new year already looks set to usher in a new regime for the Internet in Hungary.