[ISN] Cracking the Code of Ethics

From: mea culpa (jerichoat_private)
Date: Thu Nov 12 1998 - 07:00:22 PST

  • Next message: mea culpa: "[ISN] Virus News Vol. 1 #11"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-Transfer-Encoding: QUOTED-PRINTABLE
    Content-ID: <Pine.SUN.3.96.981112075825.592Xat_private>
    November 10 - 16, 1998
    Cracking the Code of Ethics
    by Edmund Lee
    In the spare halls of WBAI's new offices on Wall Street, a few hackers
    loiter around, talking to one another about the newest digital phones, the
    bureaucratic nuances of Bell Atlantic, and what to eat for dinner (either
    upscale diner or Mexican). It's Tuesday night; they're waiting for
    Emmanuel Goldstein (a/k/a Eric Corley), host of the hacker radio show Off
    the Hook and editor of 2600: The Hacker Quarterly. One, a middle-aged man
    wearing glasses and a baggy, ill-fitting suit, sits on a bench near the
    front door listening to the wall-mounted speaker project a human voice.
    The inner cone of the speaker appears to have a little tear, turning
    consonants into a static-sounding lisp. "The SH-I-A has many oberatives in
    that hountry," the voice comes over. "What we have here is a hovert strike
    assault." They're tuned in to Expert Witness, a radio show about
    clandestine military operations and spy technology, which airs every
    Tuesday night just before Off the Hook.=20
    "These guys are the real hackers," says the man sitting on the bench,
    about the CIA operatives and post=ADCold War spies. "We just hack esoteric
    things, like phones and computers."=20
    But these days, there's much debate about what a "real" hacker is.
    Usenet's alt.2600 and alt.hackers play host to constant flame wars about
    just who is and who isn't. A typical post goes something like this: "Can
    someone tell me how I can get a wardialer [a program that dials random
    numbers until it finds one hooked up to a computer]?" To which the typical
    response is: "Get a life.  First try to learn something about computers
    then come back with some real questions. We got to get rid of these
    wannabe hackers."=20
    Within what was once a cipher of people guided by a single code or ethic,
    clashing philosophies have emerged. The explosion of the Internet and the
    rush to get a computer in every home, classroom, and office has made every
    15-year-old kid with a modem a potential hacker, of sorts. By some
    accounts, this fragmentation of the hacker community has spawned a new
    breed of more dangerous hackers, leaving the traditionalists to slowly die
    "There are definitely divisions and now there are all types of hackers,"
    says J. P. Vranesevich, who runs AntiOnline.com, which publishes
    information about security holes in programs as well as the latest hacker
    attacks. He breaks it down into "traditional hackers like Emmanuel
    Goldstein"; "hackers for profit" like Vladimir Levin, who stole $4 million
    from Citibank and was rumored to have ties to the Russian mob; and hackers
    whose playgrounds include foreign government networks, such as Israeli
    Ehud Tenebaum, a/k/a Analyzer, who hacked the Department of Defense
    computers and was described by Bibi Netanyahu as "damn good" but "very
    dangerous." "It's all changing now," Vranesevich says.  "There are split
    "Bullshit," responds Goldstein, when asked if he thinks the hacker
    community is fragmenting.  "All we're seeing are the youths who are
    breaking into systems.  We've had that before. It was just smaller then."=
    Goldstein means the ever growing grade known as "script-kiddies,"  or
    wannabes who troll around the Net and co-opt the old "scripts"  or
    programs of other hackers, which allow them to infiltrate a computer
    system, download credit-card numbers, or logjam a network. (The most
    famous script to date is AOL4Free, which gave free AOL access by
    generating a false credit-card number based on a simple algorithm. Later
    versions of this script enabled wannabes to find real credit-card numbers
    of AOL members.)=20
    "These kids don't really have any skills," says Deth Veggie of cDc, one of
    the oldest hacker crews around. "Since they didn't learn it for themselves
    they don't respect the system they're infiltrating. And so they steal
    things and download files, which a real hacker would never do."=20
    To find out what a real hacker is, it's useful to consult the Jargon File,
    a compendium of hacker slang started by Raphael Finkel of Stanford's
    Artificial Intelligence Lab back in 1975.  The File has been updated
    numerous times and has been handed down to various editors the same way
    hackers share and constantly modify program codes.  According to Jargon
    File 4.0.0, a hacker is "a person who enjoys exploring the details of
    programmable systems." Also: "A malicious meddler who tries to discover
    sensitive information by poking around." This last definition has a new
    editor's note, reading: "deprecated."=20
    According to a study released earlier this year by the Computer Security
    Institute and the FBI, however, malicious hacks are on the rise.
    Sixty-four percent of the companies surveyed reported computer security
    breaches within the past year, a 16 percent increase over the year before.=
    And 47 percent of these attacks resulted in theft of data, financial
    fraud, or sabotage.  Though there are no statistics on exactly how many
    hackers are surfing the Net, it is clear that there are more of these
    "malicious meddlers" than ever before.=20
    "I don't see it as an alarming trend," says Route of Phrack, an electronic
    hacker publication founded in 1985, just after 2600.  "The hacker world is
    a mirror of society. And we'll have these bad elements like any society.
    It's just that nobody knows what we're really about."=20
    This public relations trouble is caused in part by the disproportionate
    amount of media attention bestowed on hackers like Tenebaum and Kevin
    Mitnick, who has been in jail since 1995 awaiting trial on charges of
    stealing 20,000 credit-card numbers=97 and who will be portrayed by Skeet
    Ulrich in a forthcoming Miramax film.=20
    Many of the traditional cadre of hackers have complained that the media
    like to focus on people like Mitnick and "clump us together with those
    guys," says Hosaka, founder of r00t, another hacker crew. "R00t doesn't do
    things like that. We don't 'hack' in that way. All we're about is hanging
    out, exchanging information, and teaching each other new things. If you
    want to break something, go out and buy it, then break it. Don't break
    other people's work."=20
    These sentiments, shared by many of the hacking world's sizable old guard,
    have increased the tension over the already contentious Mitnick issue,
    which many hackers point to as evidence of fragmentation. Although just
    about everyone agrees Mitnick has been held in jail for too long without a
    trial, many think he should face the consequences. "He did do bad things
    and break the law," says Tom Jackiewicz, a/k/a invalid, of UPT, an old
    hacker BBS. "He should pay for his crimes." But Goldstein disagrees, and
    has campaigned heavily for a speedy trial. "Mitnick is not someone who
    belongs in prison,"  he claims.=20
    The recent hack of the New York Times Web site=97 where the words "Free
    Kevin" were graffitied by a crew calling itself Hacking For Girlies (HFG)=
    has also become a point of contention.=20
    "It was wrong," says Hosaka. "On the Internet you have the ability to
    display what you want, so put up your own site."=20
    Still, some think it was "pulled off pretty well," according to Deth
    Veggie. "My impression is that it was done more to send a message than
    just to say, 'Look, we hacked a Web page!' which is what [these types of
    hacks are] mostly about."=20
    The Times is considering the incident a criminal act and the FBI is
    investigating. Although Web page hacks are usually within the purview of
    newbie hackers, one hacker source says he knows that "this was done by a
    hacker from the old guard."=20
    Perhaps it was not simply a statement about the Mitnick case but a call
    for the old guard to reclaim media attention, showing everyone that they
    still exist.=20
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:11:08 PDT