Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Are mainstream media missing the point?

By faets in Op-Ed
Tue Feb 20, 2001 at 04:07:54 PM EST
Tags: Security (all tags)
Security

Many media articles on the technology sector fail to grasp the subtleties behind the subjects. Apart from generally annoying the clued in, it has lead to companies being able to manipulate the media to their own ends. This is particularly evident with the reporting on the security sector.


ADVERTISEMENT
Sponsor: rusty
This space intentionally left blank
...because it's waiting for your ad. So why are you still reading this? Come on, get going. Read the story, and then get an ad. Alright stop it. I'm not going to say anything else. Now you're just being silly. STOP LOOKING AT ME! I'm done!
comments (24)
active | buy ad
ADVERTISEMENT

As articles on geek culture and highbrow computer technologies gain in prominence I am left to wonder if the mainstream media has not altogether missed the point. Hardly a day goes by that I don't pick up the paper and read "Linux 2.x Released" or "Open Source Alliance Formed". These articles themselves aren't intrinsically bad, but often the journalist fails to understand the subject or grasp the nuances that surround it.

The area in which I feel these misinformed pieces have the greatest effect is in the Security industry. Today's networked world is starting to place a higher and higher value on computer security, and thus "secure" is becoming a great buzzword. Us geeks on the other hand have always acknowledged this as an important issue, and have been the driving force behind the greater public uptake. The problem lies in the fact that a lot of the concepts involved are either new and strange or outrageously abstracted for John Q Public. This coupled with poor reporting in a lot of cases is compounding and further perpetuating the myths and hysteria surrounding the issues.

The other day while I was out I was lucky enough to catch a radio news broadcast warning me of the latest email virus. Is it just me or have these email viruses become a joke? It's bad enough having clueless work colleges forwarding thousands of warnings to me without two bit radio stations chipping in. I guess it has to be acknowledged that the great majority of the time these stories are done with good intentions, although the long-term negative effects have been discussed.

What is worse, in my opinion, is the companies that deliberately take advantage of this nave media. I have seen numerous companies exploit journalists' eagerness to report on any computer security related issues, just for the purpose of drumming up a bit of PR and hopefully some cash with it. There are plenty of examples of this, but the one that inspired me to write this article, and is a classic example, is a company in my hometown, which has managed to pull off a bit of press here, in Australia.

The company is Secure Systems, which is touting its Secure Data Vault. As far as I can tell (real information is lacking) it's a hardware device that sits between an IDE harddrive and the motherboard and "encrypts" a certain portion of the harddrive. As well as peddling a snake oil product, with all the usual trappings, they also have the gall to run a PR generating sideshow dressed as a "hacking contest".

The contest, which runs for 30 days, is open to anybody, as long as they have filled out a long and detailed form about themselves and gone through the rights "checks". Then contestants receive telnet access to a box with the product installed on it, with the aim of "decrypting" a text file. Did I mention each contestant's account only lasts for 4 hours and after the time is up they must contact the company for further access?

There is no information anywhere on the site about which encryption algorithms are use, maybe you are granted this data after registering, I don't know. Even so there are whole lists of other flaws that totally throw its credibility out of the window, including ridiculous time constraints, limited access to the contest itself and having only telnet access when it appears to me a physical approach to cracking the device would be the most appropriate. However in the press surrounding the contest none of these details were mentioned, they only focused on the cash prizes (which are to be donated to charity) and the fact that "more than 50 hackers" have already registered.

The security sector provides a wealth of companies peddling snake oil and looking to exploit a nave media, but this isn't the only area where these types of articles are cropping up. If it isn't articles reporting on hacking contests it's articles rejoicing over a new Linux kernel like it is some kind of answer to the latest Microsoft offering. I can't an end to the tech' media publishing misinformed or blatantly misleading articles on the technology sector for a while. Not until the journalists doing the reporting become a bit more clued in. Maybe the answer lies with all the budding journos here at kuro5hin.

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o Kuro5hin
o email virus
o Secure Systems
o Also by faets


Display: Sort:
Are mainstream media missing the point? | 34 comments (21 topical, 13 editorial, 0 hidden)
I think it's you that's missing the point (4.55 / 9) (#8)
by streetlawyer on Wed Feb 14, 2001 at 10:17:25 AM EST

Why do you think that the "mainstream media" is any more or less clueless about technology than anything else? I'm an expert on the financial system, and I see huge amounts of cluelessness every day, even in the financial press.

The reason is simple -- journalists aren't experts. Their skill set is to prepare readable copy to a deadline. This is difficult, and the first hurdle you have to cross as a journalist is releasing the urge to make it perfect. If something's perfectly accurate it's almost always a) unreadable to the layman b) so full of caveats it doesn't say anything and c) late. And late is as good as useless for broadcast media, and not much better for print.

None of this is to say that there aren't loads of terrible journalists out there -- there are, and it's got worse in every year I can remember. But it's unrealistic to assume that there's a simple solution. In order to be accurate, you've got to have specialists. In order to cover any meaningful field with specialists, you have a cost base that can't be covered on media margins. If you narrow your coverage, you get a revenue base that won't cover your fixed costs. If you try to pay peanuts for "budding journos", you end up blowing your credibility by putting out late and/or wrong stories.

And furthermore, it doesn't really matter. We have the media we're prepared to apy for, and the world isn't really in such a bad state.

--
Just because things have been nonergodic so far, doesn't mean that they'll be nonergodic forever

Meh (3.80 / 5) (#9)
by retinaburn on Wed Feb 14, 2001 at 10:43:58 AM EST

Mainstream media is for the masses, if they won't understand it without a long explanation (or in some cases even a short one) it doesn't get in.

The Media takes advantage of the naive public, the companies take advantage of the naive media. As a result people get fed their daily dose of purile junk.

If you want to read more indepth articles look at trade publications that are designed for a specific readership. Just like if you are looking for factual daily events you look in a newspaper, not the 'Enquirer'.


I think that we are a young species that often fucks with things we don't know how to unfuck. -- Tycho


newspaper == mass media (none / 0) (#22)
by scruffyMark on Thu Feb 15, 2001 at 05:22:45 PM EST

Just like if you are looking for factual daily events you look in a newspaper, not the 'Enquirer'.

What newspaper are you reading? In my local daily, we get what the chief of police says are facts, what the mayor says are facts, and what the prime minister of Canada says are facts. People who know the facts are not involved much, except when one of the aforementioned three is calling them liars, or issuing gag orders on them.

Pretty much anytime an article comes out concerning any topic on which I am somewhat knowledgeable, it contains factual errors. This does not do much for my confidence when I read articles concerning things I don't know about.

[ Parent ]

Actually (none / 0) (#25)
by retinaburn on Fri Feb 16, 2001 at 08:36:25 AM EST

I meant factual events, rather than content which may (read: will) contain factual errors or a biased view.

Its pretty hard to get 'Car Crash - 7 dead' wrong :)

I think that we are a young species that often fucks with things we don't know how to unfuck. -- Tycho


[ Parent ]
Yes. And in a related story, (3.42 / 7) (#10)
by error 404 on Wed Feb 14, 2001 at 01:08:13 PM EST

we have a late-breaking report that the Atlantic ocean has been perceived as somewhat damp on several occasions. And that Francisco Franco is still dead.
..................................
Electrical banana is bound to be the very next phase
- Donovan

Franco .. (3.00 / 2) (#16)
by aphrael on Wed Feb 14, 2001 at 04:10:43 PM EST

And that Francisco Franco is still dead

Really? I thought he was leading the Basque revolution, along with Elvis.

[ Parent ]

phase? (none / 0) (#21)
by scruffyMark on Thu Feb 15, 2001 at 05:16:11 PM EST

I thought that electric banana was bound to be the very next craze. On the other hand, we're not going to go into how I thought the chorus of Blinded by the Light went...

[ Parent ]
I'm with you (3.66 / 3) (#11)
by regeya on Wed Feb 14, 2001 at 01:26:25 PM EST

I saw a Frontline program titled "hackers" last night. It was so insanely bad that my intestinal tract tried to jump up and strangle my brain to put me out of my misery (apologies to Douglas Adams.) One of the Big Problems they talked about was Back Orifice of all things. There were some good points, sure (such as government types blaming Microsoft for focusing on convenience instead of security, and Microsoft firing back that customers won't buy secure) and even some oddballs that seem to think that legislation needs to be passed that would invalidate the GPL (always holding programmers liable for what their code does), require programmers in the U.S. to be licensed, require the federal government to test all software before it reaches the general public (the Feds, doing security audits? C'mon...)

I may be a security idi0t but this program was an insult to my intelligence in some areas. I felt sorry for people who are more knowledgeable than I. :-)

[ yokelpunk | kuro5hin diary ]

It's not just computers (4.00 / 6) (#13)
by Inoshiro on Wed Feb 14, 2001 at 03:56:51 PM EST

Excepting simple "human interest" stories, and other things which require the IQ of a flee to sell to the average tv consumer, reporters today by and large don't get it with any area. Why? They all lack the specialized knowledge, and the time to get the knowledge.

When was the last time you saw a health blurb on the news which, when checked against a doctor, was entirely accurate? How about engineering or physics stories? Remember when they found fossilized microbes in that meteor? It's not just computers....



--
[ イノシロ ]
Specialization (4.50 / 2) (#15)
by aphrael on Wed Feb 14, 2001 at 04:09:49 PM EST

I suspect that that is inherent in the nature of modern economics. We depend on specialization --- people, by and large, tend to understand one or maybe two general areas and focus most of their energy in one. Thus, I specialize in computer programming (and know nothing about hardware) and have a number of outside hobbies, but know absolutely nothing about anatomy .... and the person writing the report for the newspaper specializes in reporting and knows very little about the actual subjects being reported on.

Then, too ... media agencies could keep specialized advisors on staff, but they'd have to pay them; as long as news coverage is profit-driven, that's not going to happen.

[ Parent ]

I think Wiley said it best (4.33 / 3) (#17)
by Skippy on Wed Feb 14, 2001 at 05:03:03 PM EST

Wiley is the artist of the popular syndicated cartoon Non-Sequitur. He skewers the media on a regular basis. You can read his take on reporters at http://www.non-sequitur.com. The link goes straight to the cartoon, but is too long to include in the text.

I hope you appreciate this. It took 1/2 an hour to find. Be forewarned there is a Flash element on the page but it isn't necessary to view it.

# I am now finished talking out my ass about things that I am not qualified to discuss. #

People don't want to hear it, and good on them (4.25 / 4) (#20)
by jesterzog on Thu Feb 15, 2001 at 04:01:09 AM EST

As Inoshiro and streetlawyer have both pointed out, there's a lack of time and effort to get the knowledge needed to report properly - in all areas, not just technology.

I think it goes deeper than that though. the journalists can't be entirely to blame when the public doesn't care, either. And to be honest I don't blame either party.

Not everyone has an interest in technology the way that the majority of kuro5hin readers do. They don't want to specialise in it, they don't want to know the details about it, and they don't want anything thrust down their throat. They just want to know what they can do with it to make their lives better, and (possibly) how well it does the job.

To draw a metaphor, I am not a car expert and I really don't care about cars. If my car breaks I'll take it in to get it fixed, but I don't care how it works. I just want it to work and I don't want it to fall apart when I'm driving it.

If the mainstream media starts panicing about a batch of faulty tyres from some company, I might look up and get worried if mine match whatever the media's description is. I'm sure at the same time there would be many car/mechanical enthusiasts gloating about how it really doesn't matter because of X, Y and Z and I shouldn't be too concerned about the brand and batch number as I should be about some wacky specification I've never heard of.

I'm sure they'll say it's my personal responsibility to measure all sorts of crazy things of each tyre I get, correlating it in calculations with my vechicle's weight distribution to make sure that it's safe. They'll also categorise certain tyre manufacturers as dumb and stupid, catering with crap tyres to the mass tyre market.

To be honest, I prefer the media paranoia. It's simpler and it doesn't waste as much of my time. It's true that there actually are specialist auto journalists, but you'll find them in the car magazines... the same magazines I'd be reading if I had the slightest interest in the topic.

Yet, in an ironic way, I hope that the car enthusiasts will take it upon themselves to feel some responsibility. I hope that with their knowledge and interest, they'll put pressure on tyre manufacturers to make sure that ordinary people (who don't know or care what they're doing) don't get ripped off with shoddy products.

In conclusion, I don't think the media's ever going to get better. It caters to mass markets, and the only areas it specialises in are the serious minority that nearly everyone has an interest in. If you want good tech journalists, you'll find them in places targeting the technical market.. but nowhere else because other people aren't interested in reading them.

However, it doesn't let us off (as the technical audience) our obligation to do what we can to be concerned about technology in general, where concern is warranted.


jesterzog Fight the light


Have you seen "technical" mags lately? (3.00 / 2) (#27)
by hardburn on Fri Feb 16, 2001 at 03:08:58 PM EST

OK, so I could get a auto magizine and get better coverage of cars and stuff (if I cared, which I don't). I don't know how well auto mags really are, but I know that the majority of computer magazines really suck.

I liked it back in the late '70s and early '80s, where your typical computer magazine would be discussing a really fast ASM algorithim for refreshing the screen. These days, all I see is crap like "Is Windows 2005 worth the upgrade?" (answer: bloody no). Not even mags like the Linux Journal really match the Old School stuff.

If everybody else wants to be eating baby food, thats their buissiness. I, however, want some steak. Where can I find some?

On a somewhat related note, I picked up a beginners manual for an old Tandy TS-80 (I think thats what it was) not long ago. They had instructions for basic binary arithmitic. Thats great! Wish the Celery processors at Best Buy had the same.


----
while($story = K5::Story->new()) { $story->vote(-1) if($story->section() == $POLITICS); }


[ Parent ]
CVu & Overload (none / 0) (#33)
by codemonkey_uk on Wed Feb 21, 2001 at 07:45:49 AM EST

If you want a healthy dose of programming in paper form, and C/C++ is your thing then check out the ACCU publications, CVu & Overload.

An online version of an old issue of CVu (programming, focused on C/C++) can be found online here, and an old issue of Overload (advanced c++) can be found here.

ACCU membership is worth it for these alone...
---
Thad
"The most savage controversies are those about matters as to which there is no good evidence either way." - Bertrand Russell
[ Parent ]

Nah (none / 0) (#34)
by hardburn on Wed Feb 21, 2001 at 10:27:14 AM EST

C is OK, but I find C++ to be a bloated extention to it. I like Java's implementation of OO better (whatever its other faults). I prefer doing wicked-optimized ASM better.

Most programmers have problems with very low level stuff like that. I seem to be just the opposite. I love optimizing a big ugly boolean expression down to a few short instructions, but high level stuff often confuses me.


----
while($story = K5::Story->new()) { $story->vote(-1) if($story->section() == $POLITICS); }


[ Parent ]
TIme and interest (3.33 / 3) (#23)
by un_eternal on Thu Feb 15, 2001 at 05:56:21 PM EST

A journalist doesn't have the time to become an expert on a subject in the few hours or days before thier deadline. So what would be worse, publishing articles as they do now, a bit shallow without the technical details, or should they try the more technical version and get them all the details wrong? I'll also echo other people's arguement that not everyone wants all the details, that is what the geek sites are for in the first place.



-Ahh...A nice legally binding electronic signature
Warning: sort of a rant ahead (3.00 / 1) (#24)
by Gndlf on Fri Feb 16, 2001 at 04:09:06 AM EST

A journalist doesn't have the time to become an expert on a subject in the few hours or days before thier deadline. So what would be worse, publishing articles as they do now, a bit shallow without the technical details, or should they try the more technical version and get them all the details wrong?

[This is not a rant against un_eternal, but I thought this was a convenient place to put it.]

Nobody has ever expected that journalists from mainstream media are computer experts. That's not their job. However, their job is to give the public accurate information to the best of their ability. What annoys me almost every time there is a new security/virus/internet-related story, is that they seldom use the real experts when they should - i.e, when writing the initial story that goes to the front page. The experts are usually left out until the story has been published, and only get to say their piece when pointing out the facual errors and misunderstandings in the original article. Usually in a competing newspaper, of course. Hi, Gisle. :-)

Why can't the journalists go to the experts first? It's not that hard to mail'em a copy of your article and ask "Is this correct? Have I got the facts right?" I don't friggin' care about the deadline. If they haven't got time to check the facts, they should shut up and leave the matter for somebody who has.

Sometimes, when a "hyperdestructive" (yeah right) virus comes along, they may, in a fit of insanity or something, invite a VP from Norman

to say something. But I have never ever seen a single bloody link to their download pages. Why, for fuck's sake? Norman gets publicity, sure, and maybe their value increases on the stock market because of it, but how many are going to rush out and buy the programs? None, I guess. Can't say I have seen that many Anti-virus CD-packages at the local software pusher. But then, I live way out in the uncivilized part of .no.

So, in the end, Joe Random Luser will be informed that there is Yet Another Dangerous Thing going on out on that Internet thingy, but will not be taught how to protect himself.

Can anyone give me a reason for that??? And don't come with that "Norman will loose money when too many people download their programs for free" argument. If they didn't want to give away (IIRC) time-limited trial versions, they wouldn't have put them on the web.

In fact, the only reason I can find for not giving out a link is that this might actually be seen as endorsing(sp?) their products, giving them "free ad-space" or something. but haven't they already done that when Joe Random VP appear in their paper/TV news/whatever??? Hellooo?



[ Parent ]
Just to lend a bit more cred' to the article. (2.00 / 1) (#26)
by faets on Fri Feb 16, 2001 at 11:20:22 AM EST

Bruce Schneier's latest Crypto-Gram made a (brief) reference to Secure Systems' snake-oil.

If Schneier refers to it, it *must* have credibility.. Well according to The Kuro5hin Arguing HOWTO atleast <Grin>.



Why it helps to read a website (4.50 / 2) (#28)
by Miniluv on Fri Feb 16, 2001 at 07:07:17 PM EST

First of all, it's called the "Silicon Data Vault" not "Secure Data Vault" and you really misrepresented them. It's not really suitable to call something snake oil without reading the papers involved, then maybe emailing them with your concerns and giving them a chance to respond. Oh, and doing it just because Bruce Schneier did is even less acceptable, especially when he's doing it in a blatantly antagonistic fashion.

Below is what I gathered from about 15 minutes of reading Secure Systems, Pty Ltd's webpage. The Silicon Data Vault (SDV) is, as you say, a layer that sits between the IDE controller and your IDE/ATAPI hard disk drive. What it does is require a user login at boot, and from that login regulates access to various sectors of the drive based on three levels of control, as well as disallowing various "illegal" IDE commands, such as attempting a low level format, or writing to the boot sector. Essentially, this is a device for secure workstations, not servers.

This is not, however, snake oil merely because they're running a highly biased "hacking" contest. Remote access is the only real worry, because no device of this nature can prevent an attacker with physical access from circumventing it. Unless the device uses some secret, proprietary format to write the file system to the hard disk, any controller should be just fine reading from that drive if the SDV is removed.

The other feature this product claims is on-the-fly encryption of the file system, or selected portions of the file system. They do not make mention of any specific algorithm, but that's not unusual at this stage in a product release cycle. One would hope they used a well tested, thoroughly reviewed algorithm, rather than inventing their own or using something nearing the end of it's life cycle. However, it is an intelligent move to put hardware data encryption at this level and I'm surprised other manufacturers haven't yet. Provided the access control is suitably tamper resistant this could be a serious boon to administrators who need to setup secure workstations to maintain data integrity and access control.

Had you included some of that information in your write up, I might not have been muttering "hypocrite" under my breath before voting the story down. This is a plague that seems to afflict an awful large segment of the "community" of "geeks" who are "in the know" about "computer technology". Just because you know something doesn't mean you're any better at passing that information out than somebody who doesn't, and I'm willing to bet a professional reporter would've fallen upon a rusty sword before submitting the above story under their by-line, purely for the shoddy reporting, factual inconsistencies, and general lack of coherence.

"Its like someone opened my mouth and stuck a fistful of herbs in it." - Tamio Kageyama, Iron Chef 'Battle Eggplant'

Media coverage as opposed to technology. (4.00 / 1) (#29)
by faets on Fri Feb 16, 2001 at 11:11:56 PM EST

First of all everybody is entiled to their own opinion. I respect yours and that was all my article was, my opinion.

Schneier bashing or worshiping does not really come into it as I posted this article on the morning of the 14th. Whereas Schneier's Crypto-Gram comes out on the 15th of every month. I do happen to be a "fan" or "groupie" or whatever you wish to label me as, but that doesn't change the fact that the article was not me picking up "his sword".

The point of my article was not the technology itself but the way they presented it in the media. While you were browsing their site it would of been instructive to have read their press releases, and saw first hand how there is an over empahsis on a sham of a hacking contest.

Even if they did give details about the security technology that is used, say which algorithims are used, it wouldn't mean that it is a suddenly a secure product. Flaws can be introduced in the implementation etc etc. The point is they throw around buzzwords to hype up the media without giving even a small justification of why their product so "un-hackable".

[ Parent ]

Press releases do not equal media coverage (none / 0) (#30)
by Miniluv on Sat Feb 17, 2001 at 04:16:08 AM EST

I never read press releases, they don't tell me anything I ever want to know. Even if it was written by the Chief Engineer of their flagship product design team, I still wouldn't read it. Press releases are intended to be seeds and quotes for a reporter to build into a full fledged story, and most reporters still do that.

The Schneier remark was also directed at someone who posted a topical comment of which the meat was "Schneier says X..." and no real substance. That's absurd, especially with the tone of Cryptogram being what it is in that particular issue.

Nobody ever said this is "a secure product" but what I did say was that at this point nobody knows all that much about it. You cannot, however, expect any rational company to say "Our product might suck, we're not sure because it's not field tested." That would be suicidal marketing, instead they write fancy press releases, send their product off for testing by review writing journalists, and sponsor silly hacking contests. This is standard fare in the security industry, and there's not a damn thing wrong with. It's the same in every other industry, it's just that the reporters have worked their beats a little longer so they can talk the real tech better. If you want solid security reporting check the security focused sites, as you get a higher grade of information from them. SecurityPortal, SecurityFocus, et al are staffed by at least a percentage of skilled inviduals.

If you want to talk about the media not having a clue, you need to be ready to show concrete examples, with the solid, unassailable facts to show their mistakes. What you did was rant and rave without a single shred of supporting evidence.

"Its like someone opened my mouth and stuck a fistful of herbs in it." - Tamio Kageyama, Iron Chef 'Battle Eggplant'
[ Parent ]

Are mainstream media missing the point? | 34 comments (21 topical, 13 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!