[Mr. Martinez was contacted about this article on Feb 4th.
I would like to say that he was extremely open to our critique
and acknowledges some of the errors. A copy of his mail can
be viewed here.]
http://www.abcnews.go.com/sections/tech/DailyNews/hackers990203.html
Computer Subculture Faces Generational Questions
By Michael J. Martinez
ABCNEWS.com
Feb. 4 Computer hackers see themselves as intellectual rebels,
free-speech advocates and knowledge seekers, dedicated to cruising the
wrong way down the information superhighway with their middle fingers
defiantly upraised.
The authorities call them miscreants and criminals.
Hackers have been blamed for more than $236 million in damage in the
past year alone, according to the San Francisco-based Computer Security
Institute (CSI). Fighting back, four major computer companies Cisco
Systems, Sun Microsystems, Lucent Technologies and Network Associates ^×
banded together last week to form a consortium called the Security
Research Alliance to improve network security.
Meanwhile, the world's most famous hacker Kevin Mitnick, who was
arrested in 1995 for massive credit card fraud and other exploits that
totaled some $80 million in damages, sits in a Los Angeles jail cell
awaiting trial. And the hacker community itself is facing a subtle but
growing cultural divide: a generation gap in the proudly youthful hacker
subculture.
[Of all the charges leveled at Mitnick, none of them are
credit card fraud.]
Old-School History
The first hackers came of age in the 1970s, honing their skills on
mainframe computers before moving on to other computers via phone lines.
Hacking remote networks over the telephone system quickly became known as
'phone phreaking.' In the early 1980s, hackers began to together in groups
like the Cult of the Dead Cow (cDc), l0pht (one of the oldest and most
respected), newhackcity, the Masters of downloading and milw0rm.
[Masters of Downloading and milw0rm are no more than 2 years old,
and neither are respected among the hacker community. And the definition of
'phone phreaking' is a bit off. Phreaking is the term for hacking phone
systems, not hacking computer systems OVER phone lines.]
Old-school hackers tend to follow a distinct code of ethics that precludes
damaging computer systems or corrupting data.
Hacking has become corrupted to include cracking, says OXblood Ruffin, the
foreign minister of the cDc (like the other hackers quoted in this
article, he was interviewed under his hacker moniker, via e-mail).
Cracking means destructive behaviors that encompass network intrusions,
virus-based programming, and the like.^Ô
Use Your Powers For Good, Not Evil Nevertheless, at last summer^Òs DefCon
hacker convention in Las Vegas, the Cult of the Dead Cow whipped the young
crowd into a frenzy with its rock-and-roll presentation of a new hacking
tool. Called Back Orifice, it allows a user to gain control of machines
running Windows 95, as long as those machines are connected to the
Internet and users inadvertently activate the program through a 'trojan
horse.'
[Slight butcher of the definition 'trojan horse'. That is the
concept of one, not a mechanism to load one.]
The availability of such tools makes it far easier to acquire the
skill set needed to break into remote computers. Many tools, called
'warez' by younger hackers, can be downloaded from sites across the Web.
From there, a little experimentation is all that's needed to learn how to
crack an unprotected Web site.
['warez' refers to illegal copies of commercial software more
than hacking tools.]
^"Basically [the younger hacker is] the average Joe Schmoe high school
kid who knows nothing about programming," says an independent hacker who
calls himself Lord Somer, "but has some general knowledge on how to use
proggies^Òor programs."
Going Corporate
Many more respectable hackers, meanwhile, have migrated to the corporate
world, using their infiltration skills to protect their company's
computers from sabotage.
"This is something I always loved to do," says Matthew Harrigan, ex-hacker
and the founder and chief technology officer of MicroCosm Computer
Resources, a San Francisco-based computer security firm. "One day I
figured it would be a better use of my time if I could do this and
actually make some money."
Founded in 1992, MicroCosm has grown to the point that Harrigan hired
Silicon Valley veteran Art Case last year to take over the job of CEO.
MicroCosm freely hires hackers as long as they measure up to Harrigan's
ethical standards.
"Hackers really have that broadband skill set and the frame of mind
to use it well in computer security," Harrigan says. "The vast majority
of them are not out to hurt anybody. They're out there to learn."
Destructive Youth?
John Vransevich, founder of AntiOnline, a Web site dedicated to computer
security, first published the site as a 19-year-old college student
enamored with the world of hacking. Now, his fledgling computer-security
company has venture capital backing and bright new offices, even as
Vransevich^Òs view of hackers has dimmed.
"I've seen 16-year-olds breaking into Web sites for the hell of it,
people breaking into 10,000 domains and deleting the content on them
it's amazing," Vransevich says. "And each time this comes up, I^Òm asking
myself why someone would do something like that."
Harrigan agrees that a handful of the young people coming onto the
hacker scene tend to be less disciplined and more destructive than past
generations: "We weren't out there breaking into Internet sites, sending
e-mail bombs, unleashing trojans on people."
The rivalry between certain youngsters and older hackers has become
so pronounced, Ruffin describes it in the terms of young gunslingers going
after wild-West legends.
"Today younger 'hackers' are out to make their mark and knock down a
lot of the name hackers," Ruffin says, "which is understandable from a
generational point of view."
Hacktivism Catches On
Many hackers have decided that if they're going to learn computer security
by breaking into servers, those servers might as well belong to people
they don't like.
China, Indonesia, India and Mexico, among others, have all had sites
attacked by "hacktivists." The government home pages are usually defaced
with cyber-graffiti that spells out the hacker's particular beef with that
government. Hacktivists have also performed denial-of-service attacks,
blocking anyone else who tries to access that server.
Groups like cDc, l0pht and others discourage hacking Web sites and
denial-of-service attacks. Instead they try to help dissident computer
groups in repressive societies. The cDc claims it has aided a Chinese
hacker group, called the Hong Kong Blondes, by giving it advice and
hacking tools including 5,000 copies of Back Orifice to distribute in
China.
[This makes it sound like they shipped 5000 copies overseas. Why stop
at 5000? They made the software available and ANYONE may copy it as often
as they like.]
"So what if you hack a Web site and say 'your human rights policy
sucks' or whatever the message says? At the end of the day, human rights
aren't improved, no one's life is made better," says OXblood Ruffin, the
cDc's 'foreign minister.' "But if you provide the tools for people to
raise their own struggle, then you've done something."