Whoah. Who'd have thought a tiny little piece about the Sydney Opera House web-site getting pwned would be such a big deal? No sooner than my psudo-scoop appeared in Tuesday's Herald, it was racing up the rankings, hitting the second or third spot in the top five most read list.

Today we're reading the "follow ups" -- apparently the Sydney Museum of Contemporary Art web-site has also been owned and flagged as harmful by Google's malware detection feature. (Sigh... big deal.)

Which made me stop and think. Really, at the end of the day, to the average IT security boffin the pwnage of the Sydney Opera House is not a big deal. Web-sites get taken over, Trojan code gets inserted, browsers compromised... accounts siphoned.

Then it hit me. Hey, maybe hundreds of thousands of people are clicking on this story because they rightly expect more from the computers that control virtually every facet of modern life. While the computer security person is happy to sit back and say "hey, shit happens," the average punter is outraged -- admittedly because they don't know how common this sort of stuff is, but mostly because it's outrageous.

It seems the general public is going through the same education the IT sector went through a few years ago. I could remember when writing stories about Web-site defacements was cool. In IT circles, most people can't be bothered reading about them anymore. They've been done to death, and the broader geek community knows what a defacement is.

Likewise, average consumers are only just beginning to learn about security -- it could explain why Radio National and Channel Nine were at the annual AusCERT conference this year. This is a good thing.

<awkward_segue>IT security guru Marcus Sachs was also at AusCERT.</awkward_segue>

<shameless_plug>I spoke to him there and recorded an interview about SCADA (control systems) for my weekly security podcast on ITRadio.com.au...</shameless_plug>

Enjoy!