Out of Pod Experience

I think you got a little bit excited over someone posting their opinion into one of your threads. I assume you have made too many threads in OOPE and nobody really bites anymore. It is your lucky day.

Anyway, I have explained in my comment why. Maybe try to read it again. I did not say anyone is being murdered. I am saying that you do not see anyone talking about how to commit a crime, because this is what this guy did. That he died is tragic, but certainly not news worthy. People die everyday. That he then gets into the news for what he did and his death is sad and dumb.

Say, why did you post it? What does this story mean to you?

You seriously believe hackers created the Internet and the computer? At least look it up. The Internet was created by the US military, then developed into a larger network between the military, the government and universities before the industry discovered it and started pouring a lot of money into it.

I cannot even tell you who invented the computer and would need to look it up myself. I remember it was a guy named Konrad Zuse in Germany, but I also remember that someone else made the same claim.

Some of the hackers are simply disgruntled losers of the Silicon Valley era. Others realised it and used their knowledge to create a new, serious business to develop safety, security and protection software. The losers attack them, too, for it. Hacking into a security company is like the holy grail of hacking. Hackers are not more than clever half-wits, who failed to make use of their knowledge like the rest of them did. Bill Gates started in a garage just like them. Some just never got out of the garage. They want to be someone, but did not get lucky and so went on hacking systems to gain leverage over the industry by making them look bad. You want to glorify them?

Seeing how you rather want to call me a moron in your own thread shows what your intention in this discussion is. You want to gain leverage yourself. I hope you realise this before you go on, because hacking into computer systems is a crime. Just DDoSing a website, which technically does not count as hacking, can get you convicted.

Nonsense. You must believe in fairy tales when you think that any criminal should not only get a second chance, but that they get to use their criminal knowledge for good. Tell me how many firemen are ex-pyromaniacs or how many police officers are ex-criminals. You see, nobody would actually trust these people. Only when it comes to hackers do some people like you believe in fairy tales.

Most of the "people that point out flaws" etc. come from a completely different direction. There is a right way and a wrong way of doing this. I do not think you really understand this yet.

I may be a bit miss guided, but as far as I have read that is how this guy handled his information. As far as I have read he did not release any of the know how into the general population. Too think that malicious hackers were not already trying to do what this guy did is naive. He did what he did successfully and then provided that information to the manufacturers so they could better protect their products. I do not disagree that individuals that inter systems, that they should not be in, with malicious intent, should be prosecuted. Maybe this guy should have done this through the consulting avenue, but again, as far as I have read he did not spread any information out to individuals that were not vested.

I wish you would have started your posting with your later two posts as our discussion may have taken a different route.

He may not have been prosecuted and convicted for it, but someone who hacks medical devices and cash machines to make a show out of it is doing it for publicity and not to better the world. If he wanted that he would not have made it public, because it just causes fear and damages the companies he supposedly wants to do business with and turns into blackmail. It may even lead to others copying the hacking attempts. It was BS what he did. Hackers always look for the next holy grail to hack and to make a name for themselves. This guy made an attempt at hacking peope's pacemakers! It is as bad as it sounds.

There are of course companies that react if you tell them there is a problem with the security, but they are in the minority. What security experts like this guy do is they contact the companies and tell them about the problem. If they don't react the security expert usually sets a death line and goes public with parts of that information to force them to react. The released information isn't usually enough to abuse the system without a significant amount of additional work by someone that wants to abuse it. And if there was a profit to make or power over others to be gained that probably already happened. The difference is now everyone knows that there is a potential problem with risk involved and is able to take steps to protect themselves and the company can be held responsible if something happens because they still don't fix the problem.

I'm not really sure what you trying to tell everyone? Would you rather live in a world where no one gives a **** and pacemakers and cash machines can be abused by people with certain skills? Because what you basically trying to do is to criminalize the only type of people that stand between your computer systems who are practically everywhere this days and an army of people that would abuse the security holes to gain power over you or to empty your wallet.

The ideal way would be if there was an official way, say you go to the cyber police or whatever and they handle they then "blackmail" the company or closed it if they don't improve their systems. That's basically what happens in every other business. But there is no "cyber police" no one who cares except those individuals that are aware of the destructive potential if things like this are just swept under the carped.


But he did not steal anything. He just demonstrated security flaws. If he stole something you would be right and we would not have this discussion at all. In your example he would more be the surgeon who tells everyone it would be a bad idea to stab someone in the heart and tells them how to protect themselves.

Are you just confused by the title hacker? That usually stands for some sort of "playful cleverness". A hacker is someone who tries to disassemble and understand system, not limited to computer system and electronics. The media and the general public use the term in a different way, in this context however it means not "criminal" or "thief", it means "security expert".

And what is your problem with the publicity? This was a black hat conference, that's basically a bunch of people who work in the same domain and exchange new findings and know how. It's not as if the general public ever notices this kind of events except if some tragedy like this happens.


The banks don't produce the cash machine. The bank is the victim here who does not know their systems are vulnerable. The manufacturer that gives a rats ass about a security flaw in one of his already sold machines is the criminal. They have no motivation to fix a problem in an already sold 5 year old machine. And the management, are you kidding me? They are as clueless about this types of things as everyone else. They will not invest money in a running system with no obvious problem until someone forces them to take action by demonstrating the problem.

Fall for the hack? wtf are you talking about? We probably don't talk about the same thing. I don't talk about the guys that infect your crappy computer or send you fishing mails.


No, I don't want to be able to ban pacemakers. People like this guy want to raise security standards in all technical devices so everyone is saver in the end from people with dubious intentions. I really tried to explain it more than once now, i will not write it a third time. You seam to have a really hard time wrapping your head around this.

In my job IRL I build complex systems out of many machines with different kind of software and they are exposed to the internet, which is worse than a pacemaker or a money machine where you need physical access or close proximity. An attacker can basically strike from around the world. Now do I get mad if some hacker reveals a security hole that can be abused? NO, in the contrary, I'm not excited too, because in the end I means more work for me. But It is better to know such things and to fix the problem rather than to ignore them and hope no one will find out.

It's like when you always close your door when you leave, but one day someone tells you your window on the back of the house is always open. One should be glad for people like that.



Making machines and knowing about their potentially harmful flaws while not acting is a crime. At least it should be. In the software industry somehow no officials seams to care. They probably don't understand the problem, just like you.

ok, one last example, then I will give up:

When a company sells you a car with an expensive security system but one can open it with a smartphone and the right software, who is the criminal here?

[_] The manufacturer that knows about the problem but does not care to fix it?
[_] The guy that stole the car using his smartphone?
[_] The guy that pointed out there is a problem with the car security system?

And how would that change if the security system was not electronic in nature but mechanical and to open it up all you have to use is a straw?

No. He wanted to gain publicity. Your logic suffers from too many analogies. He was not hacking a car security system for a car maker and with the car maker's consent. You will usually have to sign a Non-Disclosure Agreement of some kind, but nobody gets to make their findings public.

I made the analogy because you stop thinking at the word "pacemaker" and think because he found a security flaw in one of this devices he is a criminal. Are you personally affected by this or what is the problem? He went "publicly" in a black hat conference, that's a conference about security and not the evening news.. I don't even know why this is so difficult for you to understand..

You really think hiding problems is better than dealing with them, do you?

Anyway, i give up. There is no point in this. Have a nice day.