“I Got Hacked Mid-Air While Writing an Apple-FBI Story” is the title of a USA Today post in which columnist Steven Petrow recounts how his brush with a hacker made him realise that privacy is important, dammit. It is a column that has touched my soul with its deep silliness.
A more accurate title would be “A Stranger Told Me They Hacked My Email as I Was Writing About a Largely Unrelated Topic.”
Petrow kicks things off by noting that he didn’t even care about online privacy before last week:
That was last week, when the standoff between the FBI and Apple seemed much more about principle than practice to me. That’s when I thought I’d write a column on whether this legal fight matters to regular folk — people like my mother, a retired social worker; my best friend, who works in retail; or even my 20-year-old niece in college. That was before I found out — in a chillingly personal way — just why it does matter. To all of us.
The “chillingly personal way” Petrow found out that online privacy matters, came in the form of a random dude who walked up to him in an airport as Petrow disembarked a plane. The man said that he had hacked the plane’s Wi-Fi system and read the emails of most passengers. In addition to having an extremely casual attitude about confessing crimes to strangers, the hacker man was — twist!!!! — a rogue privacy advocate, deeply concerned about the Apple/FBI security standoff.
Petrow writes that his accuser was piqued by an email from Petrow to security expert Bruce Schneier:
“That’s how I know you’re interested in the Apple story,” [the hacker] continued. “Imagine if you had been doing a financial transaction. What if you were making a date to see a whore?” My mind raced: What about my health records? My legal documents? My Facebook messages?
And then the kicker:
“That’s why this story is so important to everyone,” he told me. “It’s about everyone’s privacy.”
Petrow does not linger on the possibility that the man may have simply read over his shoulder and decided to troll him. Nope. He’s a hacker. Let’s not even get into how strange and fake this situation sounds. Life can be strange, the truth can seem fake, and anyways, it’s besides my point, which is: this encounter does a LOT to illuminate why airplane Wi-Fi is not secure, but nothing to explain why anyone should care about the FBI and Apple fight.
The fight between the FBI and Apple is about who controls phone security. In a general sense, it is related to protecting people from hackers, in that the government will be able to force tech companies to weaken their security protections if Apple is compelled to do so, and hackers could look for holes in those weakened protections to steal data.
If Apple wins this fight, airplane Wi-Fi will be exactly as shitty as it has always been. Petrow didn’t get hacked because the hacker man exploited a security flaw. He got hacked because airplane Wi-Fi was designed to be easy, but not to be safe. It doesn’t have WEP, WPA, or WPA2 encryption. It doesn’t have anything in place to prevent other passengers from installing network monitoring software so they can see what you do during the flight.
Gogo is essentially an open Wi-Fi system, and when Petrow contacted the in-flight Wi-Fi service, it admitted that customers should not view sensitive documents. This is because it is very easy to see what other people using an open Wi-Fi network, because open wireless networks don’t have robust security protections in place. Petrow writes that the hacker “went in through the back door of the GoGo connection,” but that’s not what happened. The GoGo connection left Petrow’s information on the front porch.
I get how hard it is to explain why people should care about whether a gigantic, ruthless tech corporation or a state surveillance apparatus determines how secure our devices are, but this is perhaps the worst argument I’ve seen. Apple can’t do anything to protect you from terrible in-flight Wi-Fi security. Getting hacked on a plane can happen whether or not the FBI compels Apple to create software to help it crack passcodes. And the privacy-protection tips Petrow gives at the end of his article, which include telling your Congressional representatives to support Apple, have nothing to do with protecting yourself from getting hacked on a plane.
On the plus side, I now have a fairly fleshed-out idea of what it’d be like if my uncle had his own syndicated national personal technology column.
Gizmodo emailed Steven Petrow, but he had not responded at the time of publication.