Harper hacked by hash brown - Macleans.ca

Harper hacked by hash brown

LulzSec has done Harper and Canada a favour by pointing out a dangerous security vulnerability

by

That title scans, but isn’t really accurate—forgive me. The more precise but less fun headline is:

Conservative Party website and Twitter account hacked, probably by LulzSec. 

On Tuesday, hackers gained access to the CPC’s website, and proved it by posting a silly news update about Stephen Harper choking on a hash brown. Who was behind this “attack”?  CBS is pointing to LulzSec, the same hacker entity that has thoroughly pwned Sony (6 times!), though LulzSec’s culpability is unconfirmed.

Tony Clement and Jack Layton, who rarely find themselves on the same page on any given issue, have found common ground on this one. Both feel very strongly that the prank was not funny.  But they’re wrong—it’s *kinda* funny.

More than anything, it’s revealing. It reveals that anyone with hacking ability could speak as the Conservatives.  It also reveals that the CPC’s online information is poorly managed—the fake news about the breakfast incident automatically generated an official Conservative party tweet, which spread the misinformation across the web. Because of this, the hoax reached anyone who follows the CPC on Twitter (probably every political reporter in the country) and not just those who happened to be on their website in the short time the joke was online. That’s pretty serious—Harper has made policy announcements via Twitter.  If the hackers had been terrorists or fraudsters instead of pranksters, the damage might have been quite real.

LulzSec (or whoever) has done Harper and Canada a favour by pointing out a dangerous security vulnerability in a pretty innocuous, harmless and lulzy way. The Conservatives are justly embarrassed, and you can bet they’re tightening up their web security right now, and hopefully making sure that a pair of human eyes sees each tweet before it hits their feed.

When hacks like this occur, we focus on the wrong thing: Was it LulzSec or Anonymous? Who are LulzSec? Do they have anything to do with Julian Assange? Is it true that Assange wears pink satin underwear? 

Who cares?

The meaningful stories here are about those who are hacked, not the hackers.  Major security weaknesses in the U.S. military, the U.N., a multinational like Sony or the ruling party of Canada are far more pressing matters than the identities of helpful geeks who expose vulnerability instead of exploiting it.