NOTES FROM THE UNDERGROUND
PART 1
Computers are becoming an integral part of everyday life. Many people are worried about the rapidity of the changing technology and the lack of control the individual seems to have on the way society is changing because of that information technology. The Internet is changing how society views itself. Global communities are forming. People are banning together through interests and not through nationalities or ethnic backgrounds. The world is becoming minutized. Those who don't have the knowledge, or access to the computer networks are worried that they will be left behind, and of course they will be. Those who are ignorant of the technology fear that some kind of technological apocalypse is coming that they cannot prevent, and perhaps it is. Borders are falling physically and a new reality, an ether reality, is invading the physical.
Information is Power. More so now than ever before. Those who understand the technology and know how to get the information are at the head of the game. Governments are worried. They can no longer control their citizens. They can not regulate what is said and done over these global electronic infrastructures, though its not for lack of effort on their part. New laws are being passed, people are being raided, equipment is being confiscated. The governments are trying but the Internet is so anarchicly structured with no central focus point that it will be difficult, perhaps impossible to regulate at a national level. If and when governments do get tough, the underground will be pushed even further underground and will have to resort to drastic measures. Confrontation looms in the not too distant future.
Up until now the individual has had a relatively small range of communication. Television, radio and newspapers are controlled and regulated by whoever is in power or at least the cultural or monetary elite. Enter the Internet, now one individual can reach thousands of individuals not just locally, not just nationally but globally. In the last few years reality has taken on the shape of a William Gibson or Bruce Sterling novel. Just how much society has influenced Gibson's novels and how much Gibson has influenced society I have no idea, but as we approach the new millennia technology is rapidly turning us into an information society.
Hackers and crackers will play a major role in that age. There will be a computer in most every house just as there is electrical currents in every house now. E-mail addresses will become standard. MCI, AT&T and British Telecom are not investing millions of dollars into the Internet for no reason. Who wants to send snail mail [by normal post] when you can just send bits and bites across the Internet reaching your destination in seconds? Things are changing and they're changing at lightning speed.
There is talk of off-shore data havens and cypherpunks creating their own economic systems. Anarcho-capitalists seizing power from the old guard. Information is being kept on-line more and more. Bank records, credit records, driving records, medical records, military service records, national insurance records, social security and unemployment records, school records, the stock exchange, all this information is kept on computers. Many of those computers can be accessed remotely by people who want to work from home or engineers who need to work in the field or have access in case of emergency. Some of these computers have links to the internet. So how safe is all this information? What's to stop some determined hacker from getting the data? And what would they do with it if they had it? What will happen in the future? What about Big Brother? Is 1984 just behind schedule? What of these rampant chaotic anarchist hackers that go about breaking into and crashing computer systems? Who are they? What are they doing? Why?
In general people are usually afraid of things that they don't know anything about. It is easy to create a distopian vision of the technological future that we are facing. The hacker underground is something that, unless you're involved in you probably don't know much about. If you ask ten different hackers why they hack you will probably get ten very different answers. So because people don't know any hackers personally and their main source of information is what they are told by the media, they usually have a negative, often fearful, view of hackers and hacking.
The media propagates negative mythologies. It is in the interest of big business and the governments to keep the public anti-hacker. In this way harsher laws can be enforced against the new citizen medium that is the internet. The internet empowers the individual. Hackers are able to obtain information that governments and corporations keep to themselves, usually under the guise of `National Security' or `Intellectual Property'. And besides, Techno-anarchists and outlaw hackers make good copy and sell lots of papers.
In the recent case of Kevin Mitnick, a hacker who has been making headlines for years, the papers had a field day. I am not even talking about the tabloid press, Andrew Brown reported, "Hacker may get 35 years" [18, February, 95 © The Independent]. "Hunting the Outlaw, page 3", I turn to page 3..."He plundered the citadels of cyberspace...Police seize information super-highway `robber'". Jonathan Freedland reported, "Cyber-nemesis of a supreme hacker" and "Nerd `Dick Turpin' of superhighway". James Bone reported, "Phone ranger traps cyberspace outlaw" Those were just a few of the headlines that made the papers concerning the arrest of Kevin Mitnick, a hacker who was on the FBI's most wanted list and had been on the run for 2 years.
So what kind of imagery is the media portraying? Outlaw, plunderer, robber, Dick Turpin! Wow! It's like a gun-fight at the OK Cyber Corral. Hang 'em high! It makes for good copy but I think that this analogy is taking it a bit too far into the realm of fantasy sci-fi cow-punk. Hacking is done in the realm of the ether. A world made up of ones and zeros. I am not saying that ALL hacking is completely harmless and that systems-crackers never do anything wrong either morally or by law enforcement standards, but the connotations of `outlaw', and comparing Mitnick to Turpin are way off the mark. Dick Turpin and Billy the Kid used violence against their opponents, threatened them with death. "Your money or your life." was Turpin's catch phrase.
Mitnick on the other hand drove around in a beat up car and had no real cash, so he obviously was not hacking for profit. Maybe he called up people he didn't like and harassed them, but on the whole from what I've heard Mitnick was pretty harmless. Mitnick has been around for a long time however and he has a reputation for being a good hacker and he was wanted pretty badly by the FBI. He has been in trouble on several occasions. Once he was let off with probation because of his addiction to computers. Mitnick like most other hackers is obsessed with technology and with computers and phone systems. Anyone that spends that much time on-line, 24-7, is bound to know alot about what they are doing if not through sheer persistency.
The whole way in which the Mitnick arrest was reported leaves much confusion as to what actually happened and what the actual facts of the case were. I came across an interesting article in the Computer Underground Digest by Jason Hillyard pertaining to the Mitnick Media Circus.
Mr Hillyard writes: "As usual, the press got some things right, got many things wrong and occasionally just got weird." "Tight phone restrictions on suspected cyberthief" News and Observer, February 17, 1995 worth of corporate information by tapping into electronic networks." Read that again. Did they say billions? According to the FBI affidavit, Mitnick allegedly copied software worth up to $1 million from Shimomura's computer. Where did this billions come from? Perhaps the reporter was confused after writing a story on federal spending.
The article goes on to site other specific examples and makes some good points. Kevin Mitnick is obviously not innocent in this case, he definitely broke into computers and copied software that didn't belong to him, as well as rummaging through files, and he also supposedly used phone card numbers that didn't belong to him. Does this deserves 35 years in prison? Do most violent offenders, far more a danger to society, get that much?
It has been reported in the media that Mitnick stole 20,000 credit card numbers from the on-line service provider Netcom. These particular numbers have been known about for some time in the underground and there is no actual proof as to whether Mitnick took them personally or just obtained them through the underground. I heard that 2600 even published a warning making reference to these numbers circulating way before Mitnick was arrested.
In November I asked Netcom if it were possible that their users credit card information could have been compromised. "I mean you wouldn't actually keep that information on line would you?" I asked. "Don't worry all of our credit information is kept behind a firewall," they replied thinking that would reassure me. Gulp. I couldn't believe that they could be that careless or that they could think that the information was safe just because it was behind a firewall. I had assumed that a big network service provider like netcom would keep their users credit details off-line where they could not be accessed remotely. Some of these numbers have been posted on underground BBS's as well as IRC on several occasions. Shouldn't Netcom be held responsible for their own security? No one even brought up this issue in the papers. I don't think that anyone, unless they were directly involved in the proceedings, will ever know exactly what went on during the tracking down of Kevin Mitnick. I have heard some interesting rumours but that is all they are, rumours.
So if Mitnick is the notebook toting outlaw of the story, then Wyatt Earp in this particular case is played by Tsutomu Shimomura, the cellular slinging good guy. Who once he had finished roping in the wiley outlaw, rode off into the sunset (in this case to the ski slopes). It takes a hacker to catch a hacker and Tsutomu is an exceptionally good hacker and Mitnick's luck ran out. Does this sound like a Hollywood script? From what I hear the book and movie rights have already been sold...coming to a theatre near you.
For more information see back issues of the Computer Underground Digest.
Hacker has not always been synonymous with techno-criminal. In fact if you ask alot of the European hackers what their favorite hack is, you are bound to get a story about something that isn't done on a computer. "To make a good hack is to do something very good, in a good way, with a good mind", a German hacker told me.
The media and the new-style computer cracker has changed the meaning of the word hacker, much to the chagrin of the old style hacker, who goes to a lot of trouble not to be confused with the new style systems cracker. You hear the old school say, "they aren't hackers, they are crackers"; a hacker being interested in knowing how the system works, the cracker being interested in knowing how to get into the system. It is a subtle yet important distinction, but at the same time the lines often become blurred. It is mainly a sense of the ethics. The old style hackers have a definite sense of morality. The new style hacker? Some do and some don't.
Generally speaking hackers tend to be a product of their environment. In the states, hackers are very individualistic. Many of the hacker underground are interested more in the technology itself, rather than the applications of it. Holland has produced its version of the techno-anarchist, hackers who are interested in the technology and are politically active and have socialistic tendencies. German hackers are much more serious and very politically aware. The scene there has always been quite politically orientated. There is a group in Germany that has even gone so far as to set up networks in the former Yugoslavia, in the war zone, so that the inhabitants can have a grass root form of communication. These connections enable people to communicate during periods when the phone lines may be cut in order to get relief through and keep the peace movement going. Is this fitting with the image that your average person has concerning hackers? Cyber Nerds? Outlaws? Techno-criminals?
Required Reading: Steven Levy: Hackers
Since the hacker underground is so big and so diverse it may be better to look at individuals or groups when trying to understand the hacker underground...