I have mellowed on this topic myself some of late.
Daniel DeMarco

Deadly Serious Hacking Threat on Medium

And just how much it is definitely not a thing

By MARTIN REZNY

Well, my knowledge of hacking is fairly theoretical, though the more I know about it, the less scared I am of it. As has been pointed out to me repeatedly by my programmer friends, and in general by various people I read or watch who know how it works, hacking is certainly not magic. It’s a lot like illusionism. When there’s a more serious breach, it’s usually one of two things: a very dumb thing done by a targeted single point of human failure that the hacker is phishing for, or an exploit in a piece of software that works until it’s fixed by a patch.

Sometimes both, like a silly human not installing a patch, which was the case with the most recent big ransomware attack. Here’s what I know: if you want to be reasonably safe, don’t respond to emails from people you don’t know, whether they’re from Nigeria or Uranus, and specifically, don’t share your credit card numbers or passwords with anyone. Ideally, don’t store such data anywhere on your computer. Additionally, keep your antivirus and OS updated and don’t download and/or install shady shit from shady sites.

It may sound obvious, and it is, and yet, this is what many people still fail at, which is why no system will ever be 100% safe. The next level stuff is don’t have an easily guessable password like “IamBatman”. Based on what Snowden says, the safest passwords that are easy to remember are long random strings of words forming nonsensical (or at least not commonly used) phrases, like “PifflesTheBlueAnacondaLikesHavingTeaOnMars” (don’t use this one now either). The number of characters is the key factor preventing a brute force guessing algorithm from cracking it within the hacker’s lifetime.

With all this taken care of, hackers have very little left to go on. They could always stalk you in real life and use social engineering or pickpocketing to guess your password, steal your wallet, bug your phone, etc. The TV show Mr. Robot actually depicts all that rather nicely. For that, however, you’d seriously need to be targeted directly by human hackers, not just randomly annoyed by hacking bots. Assuming there are many false accounts on Medium.com which are just silent bots, I simply don’t see a nefarious, or any, point to that.

Usually when there are “dead souls” present somewhere (and this is my area of expertise since it’s media and communication theory stuff), it’s to create an appearance of something. Like there being an audience of real people when there’s none. Social networking sites often sell these dead souls as followers for money. To do that for free for random people just makes no sense. When I put my conspiracy theorist hat on (pointy and made out of tin foil, of course), maybe it could be Medium itself trying to make it look like it has more readers than it does to attract paying members by making them feel like they’re getting more of an audience, but that would just be sad and pathetic, not dangerous.

The worst thing that dead souls in an audience can do is to screw with the post sharing algorithm, as happens on Facebook a lot. The number of your audience members who get to see your new posts is usually not 100%; only if the first ones to see your post engage with it does it get spread further. Dead souls would kill that with a frequency as high as their proportion in your audience. Facebook does work that way a lot, but I’m not sure about how Medium does it. It definitely feels better, like the posts do get shared with a lot more of the followers. It also doesn’t sell followers.

So, in conclusion, if you want to keep your personal information safe, don’t tell it to Uranus Yoda no matter how much he insists he needs to know. Just like I haven’t divulged my PayPal login and password the last twenty times somebody told me to by email sent from like totally.paypal@trust.us. I’m sure the only people who know your personal information now are you, Medium, and the NSA. And probably aliens via telepathy.
