Chapter 2-3
Hacker Crackdown

Go to Table of Contents

The term "hacker" has had an unfortunate history.
This book, The Hacker Crackdown, has little to say about
"hacking" in its finer, original sense.  The term  can signify
the free-wheeling intellectual exploration of the highest
and deepest potential of computer systems.  Hacking can
describe the determination to make access to computers
and information as free and open as possible.  Hacking
can involve the heartfelt conviction that beauty can
be found in computers, that the fine aesthetic in a perfect
program can liberate the mind and spirit.  This is "hacking"
as it was defined in Steven Levy's much-praised history
of the pioneer computer milieu, Hackers, published in 1984.

Hackers of all kinds are absolutely soaked through with heroic
anti-bureaucratic sentiment.  Hackers long for recognition
as a praiseworthy cultural archetype, the postmodern electronic
equivalent of the cowboy and mountain man.  Whether they deserve
such a reputation is something for history to decide.  But many hackers--
including those outlaw hackers who are computer intruders, and whose
activities are defined as criminal--actually attempt to LIVE UP TO
this techno-cowboy reputation.  And given that electronics and
telecommunications are still largely unexplored territories,
there is simply NO TELLING what hackers might uncover.

For some people, this freedom is the very breath of oxygen,
the inventive spontaneity that makes life worth living
and that flings open doors to marvellous possibility and
individual empowerment.  But for many people
--and increasingly so--the hacker is an ominous figure,
a smart-aleck sociopath ready to burst out of his basement
wilderness and savage other people's lives for his own
anarchical convenience.

Any form of power without responsibility, without direct
and formal checks and balances, is frightening to people--
and reasonably so.  It should be frankly admitted that
hackers ARE frightening, and that the basis of this fear
is not irrational.

Fear of hackers goes well beyond the fear of merely criminal activity.

Subversion and manipulation of the phone system
is an act with disturbing political overtones.
In America, computers and telephones are potent symbols
of organized authority and the technocratic business elite.

But there is an element in American culture that
has always strongly rebelled against these symbols;
rebelled against all large industrial computers
and all phone companies.  A certain anarchical tinge deep
in the American soul delights in causing confusion and pain
to all bureaucracies, including technological ones.

There is sometimes malice and vandalism in this attitude,
but it is a deep and cherished part of the American national character.
The outlaw, the rebel, the rugged individual, the pioneer,
the sturdy Jeffersonian yeoman, the private citizen resisting
interference in his pursuit of happiness--these are figures that all
Americans recognize, and that many will strongly applaud and defend.

Many scrupulously law-abiding citizens today do cutting-edge work
with electronics--work that has already had tremendous social influence
and will have much more in years to come.  In all truth, these talented,
hardworking, law-abiding, mature, adult people are far more disturbing
to the peace and order of the current status quo than any scofflaw group
of romantic teenage punk kids.  These law-abiding hackers have the power,
ability, and willingness to influence other people's lives quite unpredictably.
They have means, motive, and opportunity to meddle drastically with the
American social order.  When corralled into governments, universities,
or large multinational companies, and forced to follow rulebooks
and wear suits and ties, they at least have some conventional halters
on their freedom of action.  But when loosed alone, or in small groups,
and fired by imagination and the entrepreneurial spirit, they can move
mountains--causing landslides that will likely crash directly into your
office and living room.

These people, as a class, instinctively recognize that a public,
politicized attack on hackers will eventually spread to them--
that the term "hacker,"  once demonized, might be used to knock
their hands off the levers of power and choke them out of existence.
There are hackers today who fiercely and publicly resist any besmirching
of the noble title of hacker.  Naturally and understandably, they deeply
resent the attack on their values implicit in using the word "hacker"
as a synonym for computer-criminal.

This book, sadly but in my opinion unavoidably, rather adds
to the degradation of the term.  It concerns itself mostly with "hacking"
in its commonest latter-day definition, i.e., intruding into computer
systems by stealth and without permission.  The term "hacking" is used
routinely today  by almost all law enforcement officials with any
professional interest in computer fraud  and abuse.  American police
describe almost any crime committed with, by, through, or against
a computer as hacking.

Most importantly, "hacker" is what computer-intruders
choose to call THEMSELVES.  Nobody who "hacks" into systems
willingly describes himself (rarely, herself) as a "computer intruder,"
"computer trespasser," "cracker," "wormer," "darkside hacker"
or "high tech street gangster."  Several other demeaning terms
have been invented  in the hope that the press and public
will leave the original sense of the word alone.  But few people
actually use these terms.  (I exempt the term "cyberpunk,"
which a few hackers and law enforcement people actually do use.
The term "cyberpunk" is drawn from literary criticism and has
some odd and unlikely resonances, but, like hacker,
cyberpunk too has become a criminal pejorative today.)

In any case, breaking into computer systems was hardly alien
to the original hacker tradition.  The first tottering systems
of the 1960s  required fairly extensive internal surgery merely
to function day-by-day.  Their users "invaded" the deepest,
most arcane recesses of their operating software almost
as a matter of routine. "Computer security" in these early,
primitive systems was at best an afterthought.  What security
there was, was entirely physical, for it was assumed that
anyone allowed near this expensive, arcane hardware would be
a fully qualified professional expert.

In a campus environment, though, this meant that grad students,
teaching assistants, undergraduates, and eventually,
all manner of dropouts and hangers-on ended up accessing
and often running the works.

Universities, even modern universities, are not in
the business of maintaining security over information.
On the contrary, universities, as institutions, pre-date
the "information economy" by many centuries and are not-
for-profit cultural entities, whose reason for existence
(purportedly) is to discover truth, codify it through
techniques of scholarship, and then teach it.  Universities
are meant to PASS THE TORCH OF CIVILIZATION, not just
download data into student skulls, and the values of the
academic community are strongly at odds with those of all
would-be information empires.  Teachers at all levels, from
kindergarten up, have proven to be shameless and persistent
software and data pirates.  Universities do not merely
"leak information" but vigorously broadcast free thought.

This clash of values has been fraught with controversy.
Many hackers of the 1960s remember their professional
apprenticeship as a long guerilla war against the uptight
mainframe-computer "information priesthood."  These computer-hungry
youngsters had to struggle hard for access to computing power,
and many of them were not above certain, er, shortcuts.
But, over the years, this practice freed computing
from the sterile reserve of lab-coated technocrats and
was largely responsible for the explosive growth of computing
in general society--especially PERSONAL computing.

Access to technical power acted like catnip on certain
of these youngsters.  Most of the basic techniques of
computer intrusion: password cracking, trapdoors, backdoors,
trojan horses--were invented in college environments in the 1960s,
in the early days of network computing.  Some off-the-cuff
experience at computer intrusion was to be in the informal
resume of most "hackers" and many future industry giants.
Outside of the tiny cult of computer enthusiasts, few people
thought much about  the implications of "breaking into"
computers.  This sort of activity had not yet been publicized,
much less criminalized.

In the 1960s, definitions of "property" and "privacy"
had not yet been extended to cyberspace.  Computers
were not yet indispensable to society.  There were no vast
databanks of vulnerable, proprietary information stored
in computers, which might be accessed, copied without
permission, erased, altered, or sabotaged.  The stakes
were low in the early days--but they grew every year,
exponentially, as computers themselves grew.

By the 1990s, commercial and political pressures
had become overwhelming, and they broke the social
boundaries of the hacking subculture.  Hacking
had become too important to be left to the  hackers.
Society was now forced to tackle the intangible nature
of cyberspace-as-property, cyberspace as privately-owned
unreal-estate.  In the  new, severe, responsible, high-stakes
context of the "Information Society" of the 1990s,
"hacking" was called into question.

What did it mean to break into a computer without
permission and use its computational power, or look
around inside its files without hurting anything?
What were computer-intruding hackers, anyway--how should
society, and the law, best define their actions?
Were they just BROWSERS, harmless intellectual explorers?
Were they VOYEURS, snoops, invaders of privacy?  Should
they be sternly treated as potential AGENTS OF ESPIONAGE,
or perhaps as INDUSTRIAL SPIES? Or were they best
defined as TRESPASSERS, a very common teenage
misdemeanor?  Was hacking THEFT OF SERVICE?
(After all, intruders were getting someone else's
computer to carry out their orders, without permission
and without paying).  Was hacking FRAUD?  Maybe it was
best described as IMPERSONATION.  The commonest mode
of computer intrusion was (and is) to swipe or snoop
somebody else's password, and then enter the computer
in the guise of another person--who is commonly stuck
with the blame and the bills.

Perhaps a medical metaphor was better--hackers should
be defined as "sick," as COMPUTER ADDICTS unable
to control their irresponsible, compulsive behavior.

But these weighty assessments meant little to the
people who were actually being judged.  From inside
the underground world of hacking itself, all these
perceptions seem quaint, wrongheaded, stupid, or meaningless.
The most important self-perception of underground hackers--
from the 1960s, right through to the present day--is that
they are an ELITE.  The day-to-day struggle in the underground
is not over sociological definitions--who cares?--but for power,
knowledge, and  status among one's peers.

When you are a hacker, it is your own inner conviction
of your elite status that enables you to break, or let
us say "transcend," the rules.  It is not that ALL rules
go by the board.  The rules habitually broken by hackers
are UNIMPORTANT rules--the rules of dopey greedhead telco
bureaucrats and pig-ignorant government pests.

Hackers have their OWN rules, which separate behavior
which is cool and elite, from behavior which is rodentlike,
stupid and losing.  These "rules," however, are mostly unwritten
and enforced by peer pressure and tribal feeling.  Like all rules
that depend on the unspoken conviction that everybody else
is a good old boy, these rules are ripe for abuse.  The mechanisms
of hacker peer- pressure, "teletrials" and ostracism, are rarely used
and rarely work.  Back-stabbing slander, threats, and electronic
harassment are also freely employed in down-and-dirty intrahacker feuds,
but this rarely forces a rival out of the scene entirely.  The only real
solution for the problem of an utterly losing, treacherous and rodentlike
hacker is to TURN HIM IN TO THE POLICE.  Unlike the Mafia or Medellin Cartel,
the hacker elite cannot simply execute the bigmouths, creeps and troublemakers
among their ranks, so they turn one another in with astonishing frequency.

There is no tradition of silence or OMERTA in the hacker underworld.
Hackers can be shy, even reclusive, but when they do talk, hackers
tend to brag, boast and strut.  Almost everything hackers do is INVISIBLE;
if they don't brag, boast, and strut about it, then NOBODY WILL EVER KNOW.
If you don't have something to brag, boast, and strut about, then nobody
in the underground will recognize you and favor you with vital cooperation
and respect.

The way to win a solid reputation in the underground
is by telling other hackers things that could only
have been learned by exceptional cunning and stealth.
Forbidden knowledge, therefore, is the basic currency
of the digital underground, like seashells among
Trobriand Islanders.  Hackers hoard this knowledge,
and dwell upon it obsessively, and refine it,
and bargain with it, and talk and talk about it.

Many hackers even suffer from a strange obsession to TEACH--
to spread the ethos and the knowledge of the digital underground.
They'll do this even when it gains them no particular advantage
and presents a grave personal risk.

And when that risk catches up with them, they will go right on teaching
and preaching--to a new audience this time, their interrogators from law
enforcement.  Almost every hacker arrested tells everything he knows--
all about his friends, his mentors, his disciples--legends, threats,
horror stories, dire rumors, gossip, hallucinations.  This is, of course,
convenient for law enforcement--except when law enforcement begins
to believe hacker legendry.

Phone phreaks are unique among criminals in their willingness
to call up law enforcement officials--in the office, at their homes--
and give them an extended piece of their mind.  It is hard not to
interpret this as BEGGING FOR ARREST, and in fact it is an act
of incredible foolhardiness.  Police are naturally nettled
by these acts of chutzpah and will go well out of their way
to bust these flaunting idiots.  But it can also be interpreted
as a product of a world-view so elitist, so closed and hermetic,
that electronic police are simply not perceived as "police,"
but rather as ENEMY PHONE PHREAKS who should be scolded
into behaving "decently."

Hackers at their most grandiloquent perceive themselves
as the elite pioneers of a new electronic world.
Attempts to make them obey the democratically
established laws of contemporary American society are
seen as repression and persecution.  After all, they argue,
if Alexander Graham Bell had gone along with the rules
of the Western Union telegraph company, there would have
been no telephones.  If Jobs and Wozniak had believed
that IBM was the be-all and end-all, there would have
been no personal computers.  If Benjamin Franklin and
Thomas Jefferson had tried to "work within the system"
there would have been no United States.

Not only do hackers privately believe this as an article of faith,
but they have been known to write ardent manifestos about it.
Here are some revealing excerpts from an especially vivid hacker manifesto:
"The Techno-Revolution" by "Dr. Crash,"  which appeared in electronic
form in Phrack Volume 1, Issue 6, Phile 3.


"To fully explain the true motives behind hacking,
we must first take a quick look into the past.  In the 1960s,
a group of MIT students built the first modern computer system.
This wild, rebellious group of young men were the first to bear
the name `hackers.'  The systems that they developed were intended
to be used to solve world problems and to benefit all of mankind.
"As we can see, this has not been the case.  The computer system
has been solely in the hands of big businesses and the government.
The wonderful device meant to enrich life has become a weapon which
dehumanizes people.  To the government and large businesses,
people are no more than disk space, and the government doesn't
use computers to arrange aid for the poor, but to control nuclear
death weapons.  The average American can only have access
to a small microcomputer which is worth only a fraction
of what they pay for it.  The businesses keep the
true state-of-the-art equipment away from the people
behind a steel wall of incredibly high prices and bureaucracy.
It is because of this state of affairs that hacking was born.  (. . .)
"Of course, the government doesn't want the monopoly of technology broken,
so they have outlawed hacking and arrest anyone who is caught.  (. . .)
The phone company is another example of technology abused and kept
from people with high prices.  (. . .)  "Hackers often find that their
existing equipment, due to the monopoly tactics of computer companies,
is inefficient for their purposes.  Due to the exorbitantly high prices,
it is impossible to legally purchase the necessary equipment.
This need has given still another segment of the fight:  Credit Carding.
Carding is a way of obtaining the necessary goods without paying for them.
It is again due to the companies' stupidity that Carding is so easy,
and shows that the world's businesses are in the hands of those
with considerably less technical know-how than we, the hackers.  (. . .)
"Hacking must continue.  We must train newcomers to the art of hacking.
(. . . .)  And whatever you do, continue the fight.  Whether you know it
or not, if you are a hacker, you are a revolutionary.  Don't worry,
you're on the right side."

The  defense of "carding" is rare.  Most hackers regard credit-card
theft as "poison" to the underground, a sleazy and immoral effort that,
worse yet, is hard to get away with.  Nevertheless, manifestos advocating
credit-card theft, the deliberate crashing of computer systems,
and even acts of violent physical destruction such as vandalism
and arson do exist in the underground.  These boasts and threats
are taken quite seriously by the police.  And not every hacker
is an abstract, Platonic computer-nerd.  Some few are quite experienced
at picking locks, robbing phone-trucks, and breaking and entering buildings.

Hackers vary in their degree of hatred for authority
and the violence of their rhetoric.  But, at a bottom line,
they are scofflaws.  They don't regard the current rules
of electronic behavior as respectable efforts to preserve
law and order and protect public safety.  They regard these
laws as immoral efforts by soulless corporations to protect
their profit margins and to crush dissidents.  "Stupid" people,
including police, businessmen, politicians, and journalists,
simply have no right to judge the actions of those possessed of genius,
techno-revolutionary intentions, and technical expertise.