http://www0.mercurycenter.com/business/top/019849.htm BY ELISE ACKERMAN Mercury News Oct. 9, 2001 Say the word ``hacker,'' and most people still think of an antisocial teenage boy running amok in government computer systems, concocting nasty viruses and defacing Web sites. But during the past few years, as computers have become commonplace in conventional homes and businesses, hackers have undergone a remarkable transformation. Not only have hackers become friendlier and more law-abiding, they are also more frequently female. ``It used to be a boy thing, and now it's an everybody thing,'' said Alan Paller, director of research for the SANS Institute, a for-profit organization in Bethesda, Md., that provides computer security research and training. Women have helped soften the hacker image. More interested in computer security than in computer vandalism, they choose overwhelmingly to be cops rather than robbers, experts say. That means they'll gladly break into your computer, but only if they receive an invitation first. During the past three years, female attendance at computer security training courses run by organizations like the SANS Institute has tripled, organizers say. They are also showing up in greater numbers for Def Con, the hacker bacchanal and convention held each year in Las Vegas. ``There's more and more women getting into the hacking movement,'' said Brazen, a 23-year-old member of the Ghetto Hackers, who asked to be identified only be her online handle to protect her privacy. ``It's not that I want to be destructive, but computers are becoming more and more part of our lives, and it's important for me to know what this technology is doing exactly.'' The Ghetto Hackers -- famous for holding the three-time title to the Capture The Flag tournament, hacking's answer to golf's Masters championship -- have a reputation as a female-friendly hacking group. ``With these guys, I'm just one of the boys,'' said Brazen, who began using her parents' computer to hook up to computer bulletin boards when she was 16. Other women attending Def Con in July echoed her curiosity. Raven Alder, a 25-year-old senior network engineer from Washington, D.C., said learning about computer networks is like solving puzzles. ``I just find a whole lot of joy in figuring out something that is difficult,'' she said. The first woman to make a technical presentation a Def Con conference, Alder spoke this year about a programming tool she wrote that enables system administrators to trace electronic attacks. ``You have some people who have this misguided idea that women are not technically skilled,'' Alder said, explaining why she chose Def Con as a forum. Though female hackers continue to be few in number -- the vast majority of women at this year's Def Con were girlfriends or hangers-on -- the presence of several dozen geek girls underscored how much the hacking world has changed. During hacking's golden era in the early '90s, the term ``hacker'' referred to highly skilled programmers who enjoyed the intellectual challenge posed by unknown computer systems. Hackers regularly trespassed but rarely caused damage. By the end of the decade, however, some hackers had become more malevolent. The ready availability of highly automated hacking tools enabled pranksters with little or no technical skills to break in to sophisticated networks and carry out complex, coordinated assaults. Derisively referred to as ``script kiddies'' or, in cases when they demonstrated some computer skills, ``crackers,'' the attackers gave all of hackerdom a bad name. In response, many hackers have been trying to reclaim the term's original meaning and rehabilitate hackers' image. ``Everyone who was a hacker five years ago is now a security consultant,'' observed Def Con founder Jeff Moss. And more and more women are joining the ranks of these ``white hat'' hackers. ``Hacking is the pursuit of knowledge,'' declared Anna Moore, a 15-year-old from Oklahoma who won the ethical hacking game at Def Con this year. An innocent-looking blonde, Moore admits to going through ``a lamer phase'' when she first started hacking and discovered cool tools that could be used to crash strangers' computers. But she soon realized that was illegal, and after several talks with her mom and dad, she resolved to stay on the right side of the law. ``The name of the game is you have to do the responsible thing,'' said Anna's mother, Michele Moore, who chaperoned Anna at Def Con this summer. The elder Moore spent most of the weekend working on needlepoint as Anna and her friends competed in the Capture The Flag tournament. Of course, not all female hackers aspire to good citizenship awards. Lee Curtis, who oversees high-tech investigations in the Western region for Kroll Associates, said that in his experience, women are just as likely as men to use their hacking skills to commit crimes. In September, a 30-year-old Ohio woman pleaded guilty to remotely logging into the computer system of her employer, executive recruiting firm Christian & Timbers, and maliciously changing the password of the chief information officer. In recent years, a number of women have joined the ranks of virus writers, said Sarah Gordon, a senior research fellow at Symantec. But even there, Gordon said, women appear to take a gentler approach, focusing more on the programming challenge than on the virus' destructive impact. ``The payload is much less important,'' she said. ``They are more interested with the process than with the destination.'' The same could be said for women programmers who practice electronic burglary. Viki Navratilova, who co-authored a recent edition of ``Linux For Dummies Quick Reference,'' said she will break into a computer only if the owners ask her to, usually because they want her to test its defenses. ``It is really fun if an exploit actually works'' even after a computer has been properly secured, Navratilova said. Alder, who has also broken into friends' computers at their request, said the intellectual challenge is part of the appeal, but so is the feeling that she is helping people protect themselves. ``It's like being a doctor and diagnosing someone's complex illness,'' she explained. -------------------------------------------------------------------- Contact Elise Ackerman at eackermanat_private or (408) 271-3774. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Oct 11 2001 - 06:00:33 PDT