Tuesday, October 12, 2010

Hard Mode 10: The Myth of the Superuser

"The old-style hackers were renowned and even feared, for their expert knowledge of the workings of communications systems. The mythology surrounding the omnipotent hacker assumes that once the ethical hacker's moral bind has eroded and they go over to the 'darkside' then they become a danger to society."

This week's excerpt is from David S. Wall's article, "Cybercrime, media and insecurity: The shaping of public perceptions of cybercrime" from the International Review of Law, Computers, and Technology.

The author argues in the main, that the popular concept of "cybercrime" is confused, misleading and heavily influenced by media and pop culture. To the point that it has even influenced policymakers, activists and commentators.

Cybercrime misconception and paranoia is fueled by many logs, and one of them is the perpetuation of the myth of the superuser.

The term "superuser" defines a user profile that possesses all the permissions and privileges in a given system -- it is analogous to an "Administrator" account in Windows, needs no passwords, can modify anything. In other words, it is the D_O_G of the OS.

In another sense, "superuser" pertains to a myth popularized in the 80s and 90s, that in a basement or attic or slum somewhere, there exists a programmer or engineer or just a plain genius who knows all the ins and outs of the Internet or any system or network.

The latter of the two was bad news for the policymaker back then, because the superuser could easily foil any attempts to make the Internet secure for ordinary users and for commercial activities. Hence, according to the author, many ambiguous and overbroad laws were passed just so there could be any hope of catching the superuser.

No comments: