Things About Computers & Hacking Writers Need To Know
There are a lot of misconceptions about the way computers and hacking works, many of which end up being used in fiction unironically. As a result, many scenarios that were supposed to be dramatic or cool just end up being laughably ridiculous to anyone with even a little bit of tech savviness. So here are some things to know about computers and hacking if you're aiming to make what you're writing look a bit more plausible.
A program is essentially a set of instructions. Perhaps thanks to films like TRON and The Matrix, some people tend to imagine programs as something like agents who run around a virtual landscape doing whatever it is they were created to do. But this isn't really correct. A program is basically a set of instructions that tell the computer what to do and when to do it. For example, a piece of programming might essentially tell a computer, "If this option is chosen, display Message A - unless this other thing has been done first, then display Message B instead." So a program isn't analogous to an agent, but instead the rules and protocols an agent (which in this case would be the computer) follows.
The display is not the data. What you see on the screen is basically just an illusion. The real action all takes place in the hard disk drive, RAM, processor, etc. Destroy the screen, and all that stuff is still in there. Same goes for a touchscreen - to actually destroy the data, smashing the screen would somehow have to tell the computer to run a code that deletes the data in the HDD. In reality, the only code it could possibly tell the computer to run is the same one it tells the computer to run whenever you touch the screen any other time.
There are many different programming languages. So someone could be a whiz with some programming languages, but would still have no real idea how to work with something unfamiliar. (And realistically, any computer system created by aliens would use different programming languages from anything we have, thus making it impossible for someone, no matter how clever at programming, to just sit down in front of an alien computer and reprogram it to do anything.)
Critical systems will be set up for fault tolerance. A fault-tolerant system is one that is set up in such a way that if part of it fails, it will still be able to go on running with minimal loss in performance. Fault tolerance can happen both on the hardware side and the software side - EG, in the hardware side you might have backup power, data backups, and redundant hardware, and on the software side you might have programming codes to handle and recover from software errors without crashing the entire system, or coding that tells it to seek out an alternate method of accomplishing a task if the primary one isn't possible.
Data does not disappear from its original location when accessed or downloaded. It happens in some stories that when a character steals data, it's gone from whatever system it was on originally. In reality, digital files don't move like physical files, but are instead copied from one source to another. For the data to be gone from the original system, someone would have to actually delete it. (But even then, this wouldn't mean that the original holders would be left without it - anything critically important will be backed up - sometimes several times over - and it's often possible to recover deleted data anyway.)
A good display/interface is one that people can figure out mostly by looking at. It happens sometimes that people make designs that are nifty visually, but fail to look like plausibly useful computer. Good hardware and software are designed so that users can understand and distinguish what it is they're looking at relying on too much external help. A grid of transparent crystal buttons might make a pretty visual, but would be awful for anyone new to the system, or even for more experienced users working under exhaustion or stress. (Plus, having to remember which identical button is which just wastes time!)
Firewalls cannot be "broken" through. A lot of people imagine that firewalls work something like a wall or door of some kind that can be broken through if you just fire off enough of the right kind of code at it. But this isn't how it works. First, hackers don't "break" through security; they poke around until they find a hole somewhere that can be exploited. To make an analogy, rather than trying to ram through the front gate of the fortress, they inspect the fortress walls until they find, say, a sewer drain that someone forgot to put a drain cover over. Firewalls don't protect a system from some kind of digital battering ram, but instead cover up those grateless sewer drains. To get past a firewall, the hacker is going to have to try to find a hole that the firewall missed.
Untraceable hacking isn't as easy as many think. In some stories, a hacker will swoop into some secure database, download or delete some files, and then erase all traces of ever having been there. In reality, deleted data can often be recovered, and automated backups can still retain that information. And yes, many hackers using proxies have been caught before, so those aren't perfect cloaks of digital invisibility, either.
Anything hackers make trouble by doing, someone will try to stop them from doing again. Those in charge of the system's programming will most likely start trying to find and plug whatever holes the hacker found. People might also try moving to a more secure system, or might even put data into physical documents instead, depending on what would be the most practical choice.
A lot of fictional hackings could have been stopped in their tracks if someone had just shut something off. Turn off the computer (by pulling the plug, if need be!) or shut down the router, and any hacker would be unable to access the system. You can't hack a plug back into a socket or hack a mechanical switch back into the "on" position, after all.
There are ways to keep rogue programs from running willy-nilly. In some works of fiction, someone runs or opens a mysterious file that contains some nasty surprise - a virus, evil AI, whatever - that wreaks merry havoc with (or through!) the computer and any systems it's connected to. In reality, there are various ways to keep a rogue program penned in. One possible method is to test the unknown file in a virtual machine, which if configured properly can keep it contained within a "virtual" computer inside the actual computer. There's also sandboxing, a simpler method. And beyond that, the file could be run on a computer system that has no network connection of any kind. So if your characters ended up having a rogue program run loose, it's probably because they failed to take a few simple security measures somewhere.
Nuclear missiles could never be remotely launched by a hacker. The reason for this is simple - the systems that do this don't use software! They use physical switches and mechanical encryption (namely, keys and locks) and mechanical hardware that needs to be activated by two different officers at two different stations, at the same time, who receive their instructions (in the form of an EAM or Emergency Action Message) over a speakerphone. The codes for the launches don’t even launch the missiles, but instead are the codes to open the safes containing the keys and to allow the crew at the facility to determine whether the instruction to launch is real or not. What's more, each Sealed Authenticator (a special card read by two officers) is only used once. Last but not least, Intercontinental Ballistic Missile guidance computers are not even online: they have their target package preconfigured. Thus, the idea of trying to launch a nuke remotely is just as ridiculous as trying to edit a text document by turning a screwdriver and wrench in your USB slot.
If you liked this, you might also be interested in: