=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=   F.U.C.K. - Fucked Up College Kids - Born Jan. 24th, 1993 - F.U.C.K.   =
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

                        STRANGERS IN A STRANGE LAND
                        ---------------------------

There are over ten thousand ways to acquire root access on a server. 

I know less than five hundred. 

I need only one. 

Within the realm of the United States corporate, educational and
government agencies, the above words are an anathema.  In a way, I
understand why; and that is why I detest their collective reaction all the
more.  Rather than face up to their ignorance, corporate America, our
"institutions of higher learning" and our government prefer instead to
idly malign and otherwise regard as maladjusted anyone who can readily
breach their illusory security. 

Rather than dwell on the surfeit of media accounts in which the authentic
hacking community is inaccurately portrayed, I intend to devote this
article to a study of how and why we -- the hacking community -- are so
often the target of fear and loathing.  Since I have the fortune of
working in a relatively high technology extension of the
military-industrial complex, I am often treated to a view from both sides
of the battle lines. 

Yes, battle lines.  Make no mistake about it: we are at war. 

In wartime, one of the first things that must be accomplished by any
opposing faction is the relegation of the enemy to sub-human status.  In
this respect alone, it is more than apparent that the computer underground
is indeed enmeshed in a war.  On a daily basis, we are reminded of our
status.  We have been labeled "digital terrorists,"  "electronic
corporate raiders," and, of course, "fucked up college kids."  Even the
simple term "hacker" has become synonymous with malevolent intent. 

These terms and connotations are not merely antagonistic wordplay.  Their
very design serves to prevent the government, university and business
worlds from comprehending our humanity.  And just as the governors of the
South in the 1960s saw no reason to listen to "no upstart nigger," so the
leaders of the largest sectors of American existence see no reason to
listen to any "punk hackers." 

Of course, once the enemy has been stripped of its humanity, a wholesale
erosion of that group's liberties inevitably follows.  We all know how
Nazi Germany willingly, and by writ of law, denied "der Juden" of their
right to own property, engage in commerce, and travel freely.  Even more
chilling is the United States' history of doing precisely the same to
Japanese-Americans for the duration of World War II.  In both cases, these
inhumane measures were taken not only after a period of fervent
propaganda, but in the name of National Security. 

And here we are in 1998.  We have witnessed a crackdown on the hacking
community precipitated not by "digital Pearl Harbor[1]," but by ignorance
of the American government and a simple error in a piece of AT&T code[2]. 
Kevin Mitnick still awaits trial three years after his arrest on charges
of "possession of unauthorized access devices, computer fraud, causing
damage to computers, wire fraud, and interception of wire or electronic
communications[3]," denied even so much as the use of a stand-alone laptop
by which he can coordinate his own defense.  Attorney General Janet Reno
seeks $64 million dollars to start a "cybercrime center" under the
jurisdiction of the FBI[4]. 

None of this should come as a surprise.  Even in ancient times, the
stranger was always perceived as greatest threat to any community[5].  In
this sense, we are perceived as particularly threatening strangers since
we have demonstrated time and again that we can better navigate the very
territory that the agencies of government, industry and education
constructed for their own use. 

The above is not an idle boast, nor is it made with malice or vanity.  The
fact of the matter is that we, a relatively disorganized collective of
outsiders, can and have mastered a highly complex network of systems
designed, created and implemented by some of the greatest technical minds
this century has seen.  How could that *not* be unnerving to the
institutions that consider themselves to be the be-all and end-all of
technological innovation? 

So where do we go from here?  Surely it would seem that America's
government, universities and industry must understand that their notions
of computer security are sorely lacking.  Even so, we cannot expect them
to embrace our efforts.  We are in their disfavor entirely because we, in
no uncertain or delicate terms, mercilessly expose their weaknesses.  As a
result, they respond in kind by legislating against the very tools on
which we rely to safeguard our way of life.  In the arena of cryptography
alone, laws have been written on the presumption that every person is
guilty until proven innocent.  "After all," the government reasons, "why
would someone need unbreakable cryptography unless they had something to
hide?" 

Judging from history, this conflict could continue in perpetuity: a
constant struggle with no resolution, and no decisive victory for either
side.  Yet there is a precedent on which an armistice could be reached. 
Through no accident, that precedent is what brought us all together in the
first place. 

The precedent is the Internet. 

Those who have been around long enough will remember that the Internet was
not borne of mutual admiration, but mutual distrust.  (Let us remember
that the 1960s were not a time when universities were particularly fond of
the military and the military was not particularly willing to open up to
anyone.)  Even so, all participants agreed to set aside their
long-standing suspicions for the moment in order to pursue a higher goal. 
In doing so, we -- the hacker community -- have been afforded the
opportunity to learn more than we would have been otherwise able.  We
cannot ignore this basic fact. 

This is not to say that the hacker community should be obliged to extend
the olive branch.  We have done nothing more than followed our respective
curiosities as the human animal is obligated by its own intellect.  We
were presented with a new technology and, just as we began to explore it,
were shackled with nonsensical arbitrary rules which were impossible to
follow in the face of a compelling mystery.  And in our disobedience, we
have literally been the embodiment of the convictions that brought forth
the Declaration of Independence over 220 years ago. 

Now more than ever, it is obvious that the United States' government,
industry and universities could richly benefit from an alliance with us. 
An open, nonjudgmental dialogue via the Internet would be a most fitting
start to such an alliance.  Relaxation and eventual eradication of the
stranglehold that the government presently has on cryptography (along with
the abandonment of key escrow and cryptography backdoors) would certainly
be welcomed as a sign of good faith as well.  From there, the
possibilities could well be endless. 

Now is the time for the private and public sectors of the United States to
look beyond their own shortcomings; specifically, their arrogance about
their own idea of security and their misgivings about those who can so
easily defeat it.  Ultimately, they must understand that this approach is
the only one by which truly succeed in improving their security and our
technological way of life. 

Yet if they continue cling to their outdated notions of security through
obscurity; if they continue to criminalize the same unorthodox approaches
that historically made the United States a global superpower; if they
unthinkingly continue on their folly that they should be the de facto
authority on technology, I need only remind them of this: 

There are over ten thousand ways to acquire root access on a server. 

I know less than five hundred. 

I need only one. 


Cancer Omega 
---------------------------------------------------------------------

NOTES:

[1]  This phrase, to the best of my knowledge, was originally coined
     by Winn Schwartau in his book, "Information Warfare."

[2]  The January 1990 failure of AT&T long distance systems was
     originally believed by many to be the product of an attack
     carried out by malicious hackers.

[3]  Information courtesy of http://www.kevinmitnick.com.

[4]  The Nando Times, February 27, 1998 (http://www.nando.net).

[5]  Schmookler, Andrew B., "The Parable of the Tribes: The Problem
     of Power in Social Evolution," Berkeley, 1984.


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
= Questions, Comments, Bitches, Ideas, Rants, Death Threats, Submissions  =
= Mail: jericho@dimensional.com                       (Mail is welcomed)  =
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=  To receive new issues through mail, mail jericho@dimensional.com with  =
=   "subscribe fuck". If you do not have FTP access and would like back   =
=    issues, send a list of any missing issues and they will be mailed.   =
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
= AnonFTP     FTP.DIMENSIONAL.COM/users/jericho/FUCK                      =
=             FTP.SEKURITY.ORG/pub/zines/fucked.up.college.kids           =
=             FTP.DTO.NET /pub/zines/fuck                                 =
=             FTP.ETEXT.ORG/pub/Zines/FUCK                                =
= WWW         http://www.dimensional.com/~jericho                         =
=             http://www.reps.net/~krypt/fuck.html                        =
=             http://www.simunye.com/fuck                                 =
=             http://www.dis.org/se7en/fuck                               =
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=       (c) Copyright. All files copyright by the original author.        =
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=