Well, it's an interesting question: how much technology/authentication do you need in order to call exploiting a security weakness hacking?

I don't know if it's worth splitting hairs on this. If the Cap'n Crunch 2600 hertz whistle was a hack then this kinda is too.

I'll gladly agree to disagree, but I still think there was some degree of ingenuity involved in the whistle thing that would make it "hacking", whereas these kids basically just called a phone number.

Yeah the main thing is - terminology aside - if you can easily bring a nation's rail network to a standstill then that's a bit of a problem.

I'll admit, I find that this question goes alongside "is a hotdog a taco or sandwich?" in my box of amusing questions to think about on the toilet.

Back then "hack" didn't really meant what it means now.

Now it is much more of a blanket term for near-anything

You should break some kind of layer of protection or find some secret piece of information for it to be hacking. Otherwise you're just doing what anyone could do but had the decency not to.

How are you going to ensure that in a real emergency no time is lost digging up the secret piece of information of breaking the layer of protection?

By the time you've done that the accident has already happened.

I'm not saying anything would be changed. Just that this is not hacking. In the same way breaking the green lights at an intersection is not hacking.

Fully agreed on that.

Hacking actually means modifying something or repurposing it to do something else that wasn’t its main purpose. It is not necessarily a security breach, but I blame Hollywood on this.

Where is that written authoritatively that makes you so confident in such a statement? Non train operators repurposed radio equipment to stop trains. See how a bit of grammar makes all the difference, or maybe...just maybe trying to parse the term hacking so finely is part of the problem.

> Non train operators repurposed radio equipment to stop trains.

Exactly, see what I said above

>not necessarily a security breach

So in short, a security breach CAN be hacking (sometimes it’s not like mitm etc.), but every hacking is not a security breach. Say I used a company server to propagate another attack, that might be hacking by definition, but hacking a toaster with some rubber band to do X is definitely not a security breach.

I would be pretty confident the hackers who carried it out don't parse it this finely, they are just happy it was so easy.

Destruction is so much easier than creation. In a normal society there are ample opportunities for easy and cheap destruction. Given a handful of motivated and smart people and within an hour or two and $500 in budget you can significantly harm any open society.

But that doesn't mean that you are smart, it just means that as an attacker you have it easy. Electrical infrastructure, water, gas, telecommunications, railways and so on are all wide open to abuse and sabotage. Doing so however is in my opinion about as close as an act of war as you can get if you do it from another country and should net you a decade or more in jail if not. It's also supremely cowardly, not unlike calling in a bomb threat on an airport. Assholes will be assholes.

If you're using something in a way that wasn't intended by its manufacturer, that's a hack.

A coper wire and a tuning fork. Ones own mouth.