RE: [ISN] 'Hacker' is too cutesy a word to describe what's really going on

From: InfoSec News (isnat_private)
Date: Wed Oct 09 2002 - 00:19:44 PDT

  • Next message: InfoSec News: "[ISN] Ten minute Firewall"

    Forwarded from: Richard Thieme <rthiemeat_private>
    An alternative point of view on the use of the word ...
    Real Hacking Rules!
    Or, Before the Word is Totally Useless, What Is the Essence of Hacking?
    by Richard Thieme
    On the tenth anniversary of Def Con, the annual Las Vegas meeting of
    computer hackers, security professionals, and others, I reflected on
    how the con--and hacking--had changed since I spoke at Def Con 4 seven
    years earlier.
    The word hacker today means everything from digging into a system--any
    system--at root level to defacing a Web site with graffiti. Because we
    have to define what we mean whenever we use the term, the word is lost
    to common usage. Still, post 9/11 and the Patriot Act, it behooves
    hackers of any definition to be keenly aware of the ends to which they
    hack. Hackers must know their roots and know how to return to "root"
    when necessary.
    At Def Con 4 I said that hacking was practice for transplanetary life
    in the 21st century. I was right. The skills I foresaw as essential
    just a short generation ahead have indeed been developed by the best
    of the hacker community, who helped to create--and secure--the Net
    that is now ubiquitous. But the game of building and cracking
    security, managing multiple identities, and obsessing over solving
    puzzles is played now on a ten-dimensional chess board. Morphing
    boundaries at every level of organizational structure have created a
    new game.
    In essence, hacking is a way of thinking about complex systems. It
    includes the skills required to cobble together seemingly disparate
    pieces of a puzzle in order to understand the system; whether modules
    of code or pieces of a bigger societal puzzle, hackers intuitively
    grasp and look for the bigger picture that makes sense of the parts.
    So defined, hacking is a high calling. Hacking includes defining and
    defending identity, creating safe boundaries, and searching for the
    larger truth in a maze of confusion and intentional disinformation.
    In the national security state that has evolved since World War II,
    hacking is one means by which a free people can retain freedom.
    Hacking includes the means and methodologies by which we construct
    more comprehensive truths or images of the systems we hack.
    Hackers cross disciplinary lines. In addition to computer hackers,
    forensic accountants (whistleblowers, really), investigative
    journalists ("conspiracy theorists"), even shamans are hackers because
    hacking means hacking both the system and the mind that made it.
    That's why, when you finally understand Linux, you understand ...
    The more complex the system, the more challenging the puzzles, the
    more exhilarating the quest. Edward O. Wilson said in Consilience that
    great scientists are characterized by a passion for knowledge,
    obsessiveness, and daring.
    Real hackers too.
    The Cold War mentality drew the geopolitical map of the world as
    opposing alliances; now the map is more complex, defining fluid
    alliances in terms of non-state actors, narcotics/weapons-traffickers,
    and incendiary terrorist cells. Still, the game is the same: America
    sees itself as a huge bulls-eye always on the defensive.
    In this interpretation, the mind of society is both target and weapon
    and the management of perception--from deception and psychological
    operations to propaganda, spin, and public relations--is its
    That means that the modules of truth that must be connected to form
    the bigger picture are often exchanged in a black market. The
    machinery of that black market is hacking.
    Here's an example:
    A colleague was called by a source after a major blackout in the
    Pacific Northwest. The source claimed that the official explanation
    for the blackout was bogus. Instead, he suggested, a non-state
    aggressor such as a narco-terrorist had probably provided a
    demonstration of power, attacking the electric grid as a show of
    "The proof will come," he said, "if it happens again in a few days."
    A few days later, another blackout hit the area.
    Fast-forward to a security conference at which an Army officer and I
    began chatting. One of his stories made him really chuckle.
    "We were in the desert," he said, "testing an electromagnetic weapon.
    It was high-level stuff. We needed a phone call from the Secretary of
    Defense to hit the switch. When we did, we turned out the lights all
    over the Pacific Northwest." He added, "Just to be sure, we did it
    again a few days later and it happened again."
    That story is a metaphor for life in a national security state.
    That test took place in a secured area that was, in effect, an entire
    canyon. Cover stories were prepared for people who might wander in,
    cover stories for every level of clearance, so each narrative would
    fuse seamlessly with how different people "constructed reality."
    The journalistic source was correct in knowing that the official story
    didn't account for the details. He knew it was false but didn't know
    what was true. In the absence of truth, we make it up. Only when we
    have the real data, including the way the data has been rewritten to
    obscure the truth, can we know what is happening.
    That's hacking on a societal level. Hacking is knowing how to discern
    or retrieve information beyond that which is designed for official
    consumption. It is abstract thinking at the highest level, practical
    knowledge of what's likely, or might, or must be true, if this little
    piece is true, informed by an intuition so tutored over time it looks
    like magic.
    Post 9/11, the distinction between youthful adventuring and
    reconstituting the bigger picture on behalf of the greater good is
    critical. What was trivial mischief that once got a slap on the wrist
    is now an act of terrorism, setting up a teenager for a long prison
    term. The advent of global terrorism and the beginning of the Third
    World War have changed the name of the game.
    Yet without checks and balances, we will go too far in the other
    direction. The FBI in Boston is currently notorious for imprisoning
    innocent men to protect criminal allies. I would guess that the agents
    who initiated that strategy had good intentions. But good intentions
    go awry. Without transparency, there is no truth. Without truth, there
    is no accountability. Without accountability, there is no justice.
    Hacking ensures transparency. Hacking is about being free in a world
    in which we understand that we will never be totally free.
    Nevertheless, hackers must roll the boulder up the hill. They have no
    choice but to be who they are. But they must understand the context in
    which they work and the seriousness of the consequences when they
    Hackers must, as the Good Book says, be wise as serpents and innocent
    as doves.
    Richard Thieme is a business consultant, writer, and professional
    speaker focused on "life on the edge," in particular the human
    dimension of technology and the work place, change management and
    organizational effectiveness.
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Thu Oct 10 2002 - 19:04:38 PDT