[MichaelMug]

I don't know what the catalyst for this was, but a lot of 20 years olds and younger seem to use the word hacked so casually.

I read it all the time, "my insta was hacked", etc.

I would really like to know if hacking is as common as it is reported rather than a successful phishing campaign, a simple issue of forgotten password or getting locked out of email, account ban for rule violation, or something else entirely unrelated to actual hacking.

In this case my skepticism skyrocketed when the hackers write "we are in control".

[caskstrength]

> I don't know what the catalyst for this was, but a lot of 20 years olds and younger seem to use the word hacked so casually.

It is a mechanism of shifting responsibility. If your password is "1234" and you gave it away to a totally legit MS support center employee that called you recently because MS has detected that your iPhone has a virus, then it is on you. But if North Korean hackers compromised your watch via elaborate hacking campaign to mine bitcoin on it, then it is "not your fault".

[progbits]

Same thing how all company breaches are attributed to "sophisticated state sponsored actors" even though most of the time the company provides zero evidence it wasn't a single bored hacker in their moms basement.

[somenameforme]

solarwinds123

https://www.theregister.com/2020/12/16/solarwinds_github_pas...

[matt-attack]

Or more often than not, a disgruntled current or past employee.

[sciencesama]

Or poor it policies !!

[dcow]

A little bit of a gap in understanding too. Something happened to your account and you don’t know how? Hacked.

Turns out for a lot of people your piss drunk self, your weird ex boyfriend, and that person setting up fake OF with a selection of your public fb/insta pictures, are all threat actors too.

[kentiko]

Don’t forget: it’s never the victim’s fault, no matter how careless they are.

[taldo]

The customer is always right... unless they are not.

[vdaea]

You just have to see how the media says 23andme was "hacked" when actually accounts were compromised using a password spraying attack.

[parsimo2010]

If the original account is to be believed, they did not know the owner’s passcode/PIN. The attackers gained remote access to a device without the passcode/PIN. This suggests it was not phishing.

It sounds like a legitimate usage of the word “hacked” to me. Maybe not the most critical vulnerability because they did not gain full access, but they managed to gain some level of control of the owner’s watch without their permission, and it sounds like the reason was not that they left it lying around unlocked (to be clear it sounds like they got control because the watch was unlocked in the owner’s wrist, but they were accessing it wirelessly- sounds like an issue with Apple’s security model that can be fixed).

[whycome]

There's this site that provides news for these "hackers" and I'm not convinced any of them actually do any hacking.

[layer8]

See meaning 1.5 vs. 1.6: https://en.wiktionary.org/wiki/hacker#Noun

Hacker News is meaning 1.6.

[rootsudo]

How do we have time where there’s so much else going on?

[kvakkefly]

My Skype account was hacked many years ago. It started with me getting an email about some credits being added (from my credit card that was in the system).

When I logged onto Skype, I had a new name, and a new contact, both of which were Ivan something. I immediately started chatting with Ivan, who told me that there was a weakness in the Skype login security, which he tried to exploit.

I changed my password to another Medium to Strong password, and a few minutes later my name was again changed to “Anders xoxo Hafreager”, and a message that he had hacked me again.

I still don’t know what he did or how he did it.

[fl0ki]

Check if you have an old email or phone number tied to the account. Attackers can get Microsoft to send one-time codes to them, no matter what else you have set up on the account. Worse, it seems this feature was added some time ago and every account was automatically opted into it.

I was getting dozens of one-time code emails per day caused by login attempts via what must have been Tor. None of them were successful logins, but it got me worried. They seem to have stopped after I reworked my account's requirements to include OTP, but now every couple of days my Skype app posts an error that it couldn't log in, when it is clearly logged in just fine. Even that OTP can't be a standard one, it has to be Microsoft authenticator.

Microsoft has been improving in a lot of ways lately but this is not just embarrassingly bad, it's substantially worse than it was a few years ago.

[dboreham]

MS didn't invalidate the token he had when you changed the password?

[teekert]

So true. Normies be using security questions like “What was your fist dog called?” while posting about their first dog’s name in public #insta while complaining about being targeted by a 1337 h4x0r.

[Firmwarrior]

Ah yes, many fond memories of my dog dumfyg-gycpid-8Vujmi

[willis936]

Good ol dumfyg. I've bad a hard time pronouncing their name to service reps over the phone when locked out of an account.

[eastbound]

In the future, people will name themselves XÆA-12 so even their login can’t be guessed.

[fsflover]

You could just say "it's some gibberish" to restore the account.

[jessekv]

"What was your first dog's name?"

"Oh, something random."

"Ah yes, correct, welcome back."

[RandomBacon]

That's why people should make up something believable like "Mr. Poop Muffins"

[lagadu]

Hacking is largely used to mean the breaching of a system by some unauthorized actor, and why shouldn't it? Word meanings change over time and this one got broader.

That said, phishing is a form of hacking the individual so even by a strict definition it still works.

[pflenker]

While I agree with you in general, the behavior described in the article should not be observable without an actual hack.

[throwbadubadu]

Not sure if catalyst, but if the crowd learns something it is corpos and governments telling almost always the same story of getting hacked, cyberattacked, with the worst of criminal energy, even if its the most simple letting unpatched (more 1000days then 0days) software run or pretty much unsecured systems out open in the wild.. it is the common excuse everywhere for not understanding of an admitted for most too complex tech world.

[andrepd]

Anecdotal, but 17 years ago it was also common to say "my runescape got hacked!" when in fact you typed your password on some runes-cape.freewebs.biz :)

[Towaway69]

Perhaps there is more to hack? At least when I was 20 years old, the only thing to be hacked was the dial-phone, a paper phonebook and perhaps a fax. Social media didn't exist.

Having so many accounts where some stuff might (or might not) be important, folks get very sensitive to being "hacked". Or in other words, having a stranger break in and rummage through their underwear.

[detourdog]

I remember on boring days reading the factual entries in the beginning of the phonebook. I remember it as a broad description of how the bell system worked and how to use it.

In the late 70s in a central Pennsylvania farmhouse that was some of the earliest technical documentation I ran into.

[konart]

At some point the same happend in computer games. Suddently every "cheater" or "abuser" became a "hacker".

Different times.

[exadeci]

Someone posted a video and either the screen is having some ghost touches or the watch is actually getting brute forced

[eviks]

phishing campaign is a method of hacking

[Dalewyn]

Hack in popular tongue has always meant authentication breaches in general, the method is not important. It's been this way for as long as internet has been a household word.

[toddmorey]

I mean, there is Apple Watch Mirroring, which does allow remote control of an Apple Watch for accessibility purposes. If they were able to somehow exploit that, I would consider it hacking.

I sort of hate how this thread immediately rallied around “must be crazy people hallucinating” and I hope Apple takes the reports a bit more seriously & investigates.

Edit: I do agree that passwords guessed or phished doesn’t count in my mind as hacking.