We tend to imagine a website as the facade for this giant pile of secret records and internal details. Hack deep enough into the CIA's website and you can get into their mainframe. There you'll find all the records of their undercover agents and schematics for their wristwatch-mounted lasers. When I got into hacking, I assumed I'd be searching out mainframes, running decrypters, and breaking my way into all these systems.



I bought this exact pattern of Hawaiian shirt in preparation.

Continue Reading Below Advertisement

But the idea that you can get into any major computer system through the Web is just false. They may have a database with, say, username and password information that you can access through the Internet, but their records aren't going to be kept in any kind of public-facing database, because that's incredibly stupid. You won't find the nuclear launch codes hidden in anything attached to Defense.gov.

Websites are less like facades and more like handbills stapled to telephone poles. You can scribble all over that Albertson's ad in crayon, but no amount of doodling will let you steal a big pile of steaks. It's the same thing with all those movies where some supervillain hacker cracks his way onto the power grid: You'd have to know a ton of secret internal information to have a hope of getting in. Even the word "mainframe" itself is kind of an anachronism, because they've been largely replaced with server farms. Those servers are connected to a company-wide intranet, but why would Microsoft or Lockheed Martin pay to host all their billions of gigabytes of secret files in the cloud? That would be like paying thousands of dollars to install a solid glass gun safe in your front yard.