                     Copyright 1994 McGraw-Hill, Inc.
                                 Business Week

                                 August 1, 1994

SECTION: TOP OF THE NEWS; Number 3383; Pg. 34

LENGTH: 784 words

HEADLINE:  'CAPTAIN CRUNCH, PICK UP THE WHITE COURTESY PHONE'

BYLINE: Larry Armstrong, Los Angeles

HIGHLIGHT:
A who's who of hackerdom descends on Las Vegas for a convention

BODY:


    Hands down, it's the unlikeliest computer conference around. It's called
Def Con, and it's quickly turning into the annual meeting of the Computer
Underground. For the second sultry July in a row, assorted hackers, crackers,
and phone phreaks are flocking to Vegas to discuss how to infiltrate computer
systems, among other topics. In hot pursuit are various attorneys, computer
company security officials, and law enforcement officers. ''Toto, I don't think
we're at Comdex anymore,'' says Code Ripper, taking a dig at the computer
industry's legitimate fall convention. Code Ripper, a hacker and occasional
columnist for Gray Areas magazine, is a pseudonym.

    Few, it seems, use their real names at Def Con, which begins July 22. Unlike
other hacker conventions, this one openly extends invitations to such agencies
as the Secret Service and the Federal Bureau of Investigation so they don't have
to snoop around. Nobody's taking any chances, though. Last year, the number of
cops, real and imagined, lurking about Def Con spawned a ''Spot the Fed''
contest. Winners received special T-shirts. SEMINARS. The conference is the
brainchild of 24-year-old Dark Tangent, a.k.a. Jeff Moss, a second-year law
student at the University of Dayton. He says the name Def Con was chosen for its
military overtones. (The defense industry is a favorite hacker target.) Moss,
who insists he doesn't do anything illegal anymore, grew up in Seattle sorting
through the dumpsters of giant Microsoft Corp. -- virtually every computer disk
he owns has a Word 4.0 label on it. Because he had observed that most hacker
gatherings quickly degenerate into drunken parties, he decided to elevate his
event to a discussion of social and policy issues. Thus the invitations to the
Feds and serious seminars on topics such as hacker ethics and laws governing
search and seizure.

    ''I'm going just to see what the other side is up to,'' says Gail Thackeray,
a 45-year-old district attorney in Phoenix. Thackeray, who played a key role in
Operation Sun Devil, a Secret Service undercover probe into phone-card fraud
four years ago, was generally lambasted by attendees when she volunteered to
field questions at last year's confab. ''There were lots of hacking discussions,
but a lot of time was spent in substantive presentations as well,'' she says.
''And I don't think anyone did anything overtly criminal.''

                         Business Week, August 1, 1994

    They came close. Last year's Def Con was held at the Sands Hotel & Casino
(which, ironically, is owned by the same group that runs the Comdex convention).
The late shift of Sands security guards, unaware that Def Con organizers had
arranged for the meeting rooms to be open 24 hours a day, attempted to evict
Code Ripper, Merc, and the Prophet, three young hackers who had decided to crash
there overnight. After the incident, one hacker offered Moss the phone number
and passwords for the computer that runs the casino. ''You'd think that the
casino would have had a functional security system set up,'' says Moss. ''Not.''

    This year, Moss has shifted to the Sahara Hotel & Casino and expects
attendance to triple, to more than 300. He has scheduled 22 speakers -- fewer
than half with fake names. Given that the keynote speaker is cryptographer
Philip Zimmermann, the meeting's hot topic promises to be data encryption.

    Zimmermann is an outspoken opponent of the government's controversial
Clipper chip -- an encryption standard featuring a back door that allows law
enforcement officials to engage in court-sanctioned decoding and eavesdropping.
Indeed, he is the target of a federal grand jury investigation in San Jose,
Calif., because his program, called PGP for Pretty Good Privacy, ended up
overseas in violation of U.S. munitions-export regulations. So far as anyone
knows, the National Security Agency -- the Clipper chip's main driver -- has
been unable to break into data encrypted by PGP.

    The heart and soul of Def Con, however, are the technical sessions held
around midnight. They're more attuned to hard-core hacker time and tastes. Take
''Twenty Ways to Trash a PC,'' by Mark Ludwig, who wrote a how-to book for virus
programmers. Then there's the session on network security -- which is actually
being held via videoconference because the expert doesn't want to show up in
person, presumably for legal reasons.

    Some of those sessions admittedly strain prosecutor Thackeray's limits. But,
hey, she's game. ''Def Con has something for everyone,'' she says. ''It's partly
an entertaining party, it's partly a fashion statement. But it's mostly
something about which the business world has no clue.'' Moss's advice to
Corporate America: Load up your laptops, we're heading to Vegas.

GRAPHIC:  Photograph: DARK TANGENT, A.K.A. JEFF MOSS: THE HACKERS' CONFAB, NOW
IN ITS SECOND YEAR, IS HIS BRAINCHILD PHOTOGRAPH BY MOJGAN B. AZIMI

LANGUAGE: ENGLISH

