TUCoPS :: Cyber Culture :: hackmist.txt

Hackers In The Mist by Roger Blake


                           Hackers in The Mist
                                   by
                               Roger Blake
                       (e-mail: rblake@ripco.com)









                            December 2, 1994










                            Anthropology C99
                            Independent Study
                          Northwestern University



























                                Abstract:

     In this article I explore the culture of computer hackers.
Through interviews and time spent with hackers, I have come to
appreciate their respect for information.  In this culture
information is looked upon as the key to status, wealth, and
power.  Hackers use information to gain status within their
group, and power over their environment.  Whether in someone's
head or on a disk, information is the means by which hacker
society is stratified.












































Table of Contents:

Abstract
Table of Contents
Forward
     The Project
     The Researcher
     The Target Culture
Why Hackers Hack
Who Are Hackers?
     Profile of a Hacker
     What Hackers do When they are not Hacking
     The Hacker Personality
What Hackers Do
     System Hacking
          Packet Sniffing
          Password Guessing
     Phreaking
          The Blue Box
          The Red Box
     Hacking Without Using Machines
          Social Engineering
          Trashing
A Closer Look at Status
     What is Elite?
     The Information Economy
     How do Hackers Become Elite?
     Conclusion
Afterward


Appendix: Works Cited























Hackers in The Mist
Forward:

The Project:
     Welcome to the computer age!  In the few short decades since
the advent of personal computing, human lives (at least in the
Western setting) have been changed dramatically.  Everything from
a short trip to the supermarket to a common telephone call is
somehow involved with computer technology.  Even this article,
which a few short years ago would have been written by hand or on
a typewriter, is being written with help from a computer.
Computers are everywhere, and effect our lives in dramatic ways.
     Computers and information technology are being integrated
into all aspects of the human experience.  Communication on every
level is being sped up due to the influence of information
technology.  Today, whole societies with rituals and
cultures all their own are forming themselves with the aid of
computers.  Face-to-face interaction is no longer necessary for
social interaction.  In that sense, computers are even
revolutionalizing the way that individuals interact in a cultural
context.
     In an attempt to understand exactly how the information
revolution is affecting human culture, I chose to study a
culture which exists primarily on-line.  This research project
deals with hackers, the seedy underbelly of cyberspace.  I have
spent time around these people, both on-line and in person, and
have seen what they are capable of.  Not only are they one of the
most potentially powerful "on-line cultures", but probably one of
the most intriguing as well.
     I am an avid computer user.  The machines themselves, with
all their bugs and quirks, can be quite interesting.  What can be
even more interesting is how people interact with these
"thinking machines."  People react to computers in different
ways -- sometimes fear and sometimes acceptance.  In the
case of hackers, the interaction with computers is so seemingly
irrational that it is a puzzle unto itself.  With my research, I
sought to understand why it is that people would go to such great
lengths to gain an elite level of technological proficiency.  I
ended up gaining a better appreciation for how the changing face
of information effecting our lives.

The Researcher:
     In a lot of ways, this project is a reaction to my previous
experiences as an ethnographer.  As part of the degree
requirements for the Anthropology Department at Northwestern
University, I studied a religious group not far from where I
lived.  Although they were very nice people, I never felt
like I had all that much common ground with them.  I was only
nineteen at the time, and the median age for the individuals in
that target culture was around fifty.  To make matters worse, I
had to overcome my natural shyness to talk to a group of people
with whom I did not feel like I had anything in common.
     With the hackers, on the other hand, I already had some
common ground.  Like the hackers, I gain much pleasure from
computer use, and consequently spend large amounts of time on-
line.  I was also the same age as many of the hackers I was
studying.  There was no menacing generation gap between me and my
target culture this time.  All and all, I felt generally more
comfortable around this target culture.
     Of course, there is an added advantage for the shy
researcher in studying "on-line" cultures.  It is much less
threatening to approach people within the friendly confines of
cyberspace, then it would be in person.  Doing fieldwork in
cyberspace is well suited to my personality.
     Similarly, I am personally well equipped to deal with the
digital universe.  I am familiar with all major operating
systems, especially including Unix.  Many other researchers would
have had to spend valuable time acquainting themselves with the
subtle intricacies of computer manipulation.  However, since this
is what I do with my free time, I do not have to waste research
time learning the my way around.
     Of course, another added attraction of this project is that
it allowed me to bring together two parts of my life.  In my
youth, I spent many late night hours, in front of a computer
screen, calling BBSes (computer bulletein board systems).  This
project has allowed me to integrate my admiration for digital
communities everywhere with my study of anthropology.  While
doing this project I was allowed to be ananthropologist and a
computer user at the same time.  In many ways, it was almost like
not doing work.  I could bask in the digital landscape and get
academic credit for it.  What fun!
     I enjoy working with computers, so in that sense my personal
equation was a benefit.  However, I did have the typical
preconceived notions of my sub-culture.  I was presently
surprised to find hackers much more friendly then I had expected.
For the most part they are pleasant company.  They were also
generally less menacing then I had previously imagined.  During
the course of this project, I was only threatened once, and
apparently not very seriously.  The hackers I have had contact
with were not the malicious sociopaths that one might expect.  I
was not sure what to expect from this target culture, but I was
happy to find out that hackers can be very pleasant company.

The Target Culture:
     During the course of this project, I was fortunate enough to
spend time with a gang of hackers, concentrated in the Chicago
area.  They call themselves L0CK, which is an acronym for Legion
of Codez Kidz (the 0 is intentionally substituted for an 'o').
There are about ten members of this gang, all of whom I have at
least spoken with.
     L0CK is not the only hacker gang populating the digital
landscape, however, they were the only gang I had access to.
Although I did have contact with hackers from other gangs, it was
difficult to develoup a rapport with any other gangs.  L0CK was
in my hometown, and so was I.  Developing a rapport took some
time, and face-to-face interaction, which proximity allowed, was
invaluable.  Trust doen not come naturally to people who are
doing illegal activities, and hackers are no exception.  I do not
think I could have gotten as good a rapport going with another
gang without face-to-face interaction.
     For the most part, I am not aliasing hackers.  In this
culture, there is a custom of assigning oneself a handle.  I
am using the handles of my informants as opposed to aliasing
aliases.  Many hackers like to brag, so using their name in an
article such as this, is, for them, just doing their bragging for
them.

Why Hackers Hack:

     For the most part this article will concern itself with
hacker motivation.  Why do hackers go through all the trouble to
do what they do?  Most people in society do not spend the time to
break into computer systems.  It does not have much appeal to
them.  Why then do certain people spend so much of their time and
energy accomplishing these feats of technological wizardry?
     There are probably as many answers to that question as there
are hackers (maybe more).  It is important to realize that these
people are individuals with their own hopes, fears, desires, and
everything else that comes with being human.  However, there are
general patterns to the motivation behind the computer hacker's
drive to manipulate technology.  The problem of hacker motivation
is probably one of the more interesting questions concerning this
sub-culture.
     In order to put hacker motivation into an intellectual
framework, I fell back on some basic anthropological theory.  Max
Weber believed that social stratification was based on three
factors: wealth, power, and prestige (1922).  Although having one
of these factors does not necessarily entail having the other
two, it does help.
     Weber's tri-partite system is very useful for explaining
social status.  However, in the 'computer age' it would almost be
necessary to make some sort of addendum.  Information is a very
real part of the system that Weber presented.  Hackers use
information in order to get wealth, power, and prestige.
     Hackers rarely use information to gain wealth.  This is not
considered socially acceptable.  As Sarlo reminded me in an
interview, carding (using stolen credit card numbers for profit)
is "poisen to the underground," and "doesn't make you a hacker,
it makes you an idiot (Sarlo 1994: 12)."  They do, however, use
it within their group to stratify themselves.  Hackers with the
most information gain the highest prestige within the community.
They also gain a great deal of power from that information.  Most
people can not cancel the phone service of those who upset them.
To a truly proficient hacker, this is not a very difficult
problem.  Hacking involves the accumulation of knowledge, which
is accompanied by the greater status and power.

Who Are Hackers?
     Who exactly are these techno-wiz kids who could potentially
have our technologically dependant civilization by the throat?
Where did they come from, and how did they get to be that way?
Could my son or daughter be a hacker?  In order to understand
this culture, it is important to consider who hackers are.

Profile of a Hacker:
     One of my informants lent me a book entitled Information
Warfare, by Winn Schwartau.  He did not seem to have much regard
for most of the contents of the book, but he pointed out one
chapter in particular, which he believed had some truth to it.
That chapter presented two profiles of a hacker, one from the
hackers point of view and the other from the point of view of a
clinical psychologist (Schwartau 1994: 196).
     According to the hackers with which Schwartau had contact,
hackers tend to share certain characteristics in common.  They
are mostly male, between the ages of twelve and twenty-eight.
Most are highly intelligent, but never did very well in school.
Also, according to Schwartau, hackers consider themselves misfits
and misunderstood.  They have a history of dysfunctionalism in
their families, and finally, they have trouble getting dates.
From what I have seen of hackers, and my informants agree, this
profile, is not very far from the truth.
     The youngest hackers I met were in high school, maybe
fourteen or fifteen.  It is hard to get any real information out
of hackers, but this much is difficult to hide.  The oldest
hacker I met was, at least, in his late twenties.  By his own
admission, this is quite old for a hacker.  Most hackers this old
tend to move on, as has the relatively old hacker I spoke with.
The hackers I met in person tended to be in there late teens and
early twenties.
     Hackers in general, tend to come off as being quite
intelligent.  To get any sort of respect as a hacker, technical
proficiency has to be demonstrated.  Intelligence is almost a
prerequisite for being a successful hacker.  Hackers deal with
technology, and it's manipulation.  The successful manipulation
of technology, or even people, by its very nature takes quite a
bit of intelligence.  Hackers seem to be, and most likely are, a
very intelligent group.
     Although hackers are intelligent, it is interesting to note
that very many of them are not university educated.  Many of them
do have some university background, but overall, a surprising
number of them are self taught.  Bloot commented that, "most
hackers don't think that college has anything to offer them
(Bloot 1994: 2)."
     As far as the family life of a hacker is concerned, it is
really hard to say with any certainty.  No one ever mentioned, to
me any family problems.  However, instances of abuse or other
domestic problems are seldom discussed with prying outsiders,
like ethnographic researchers.  In an interview, DataPimp said "A
lot of hackers lost control over their lives when they were kids.
Not to many had control over their own lives.  They found refuge
in a place where they had total control [computing] (Datapimp
1994: 4)."
     Hackers are quick to identify themselves as a group which
does not have the best social skills.  In a usenet post
advertising a hacker meeting there was a very appropriate quote
which illustrates this aspect of hacker identity.  The post read
"Bask in the STUDLYNESS of untanned, skinny malnutritioned and
socially maladroit computer hackers - LIVE!"  This quote was of
course, meant as a joke, hackers do seem to believe this about
themselves.
     Although, hackers characterize themselves as 'socially
maladroit' I did find them pleasant company.  It is hard to
believe that any group with that poor of a set of social skills
would ever accomplish anything by means of social engineering.
Although there are undoubtably some hackers with poor social
skills, this is not always the case.  Of course, from a
researchers stand point, this is hard to evaluate.  Most people
who suffer from shyness are not going to try to make any kind of
impression on a researcher.  It is possible that the great
majority of hackers are extremely 'socially maladroit,' and that
I only met the out going ones.
     Hacking seems to be a predominantly white teen-age male
phenomenon.  I have met several hackers in person, and all of
them have been of European descent.  I might have met hackers of
other races while on-line, however one of the most prominent
features of IRC is that no one can see anyone else.  I have been
told that there are hackers of other races, but I have not met
any.  There does not seem to be any reason why hacking should be
a uniquely white phenomenon.  There just does not seem to be an
abundance of minority hackers.
     One very surprising fact, was the abundance of female
hackers.  Although, all the hackers I met were white, a
significant portion, about ten to fifteen percent, were female.
Female hackers are a minority, but they do exist.  This was very
surprising to me, because most people do not think of women as
getting involved in anything computer related.  Fortunately,
women are making advances in all facets of our society, and
hackerdom is no exception.

What Hackers do When They are not Hacking:
     Almost no one hacks professionally.  There are a few hackers
who eventually become security consultants, and get to hack for a
living.  However, this fate is reserved mostly for either the
most accomplished hackers or the most indited.  Very few members
of the underground are hackers primarily.  In many ways it is
kind of like a hobby.
     Although there are instances of companies hiring hackers to
beef up their own security, this is relatively rare.  What is
even more rare, is when a company will hire hackers for corporate
espionage.  Although these events make for exciting fiction,
reality, unfortunately, is rarely that interesting.
     Most hackers work in the computer field either as a part of
a company, or more commonly as a freelance consultant.  Since
hacking requires a great deal of technical proficiency, and that
very proficiency is quite a marketable trait.  Hackers are very
employable people when they are not accomplishing some
technological feat of wizardry.

The Hacker Personality:
     Schwartau presents hackers as suffering from some sort of
"clinical narcissistic personality disorder (Schwartau 1994:
196)."  Although this might be a component of certain hackers'
personalities, this is an uneasy generalization of what hackers
are like, as well as their motivation.  However, it is generally
possible to put hackers into two very opposite groups, the
paranoid, and the talkative.  This is more of a spectrum in which
individual hackers might fall, then an actual grouping.  For the
most part, all the hackers I had contact with would fall
somewhere in between these two extremes.
     Paranoid hackers have some very good reasons to be paranoid.
Not only does their own government want them stopped, but several
of their friends could destroy their lives with little or no
effort.  Trying to keep ahead of the FBI, the Secret Service, and
most of all, your own associates, can get rather taxing, and
paranoia is an understandable result.  A very talkative hacker,
who calls himself Guido Sanchez had this to say about paranoid
hackers, during a tape recorded interview:

There are paranoid hackers out there, like a couple people that
we know, that are so paranoid about giving out their real
information.  Like when I say... They are fun to have fun with.
"Yeah, hey who are you doing, Mr. Smith, hahaha, of 666
Psychopath."  They get really freaked out.  Once you realize, I
could care less if you knew my real information because, I mean
as long as you knew how to react to it.  Talkative hackers, on
the other hand, are wonderful for interviewing.  Talkative
hackers love to brag, and the curious researcher is an all too
willing outlet for that bragging (Sanchez 1994: 8).

What Hackers Do:
     According to Guido Sanchez, hacking is "using your knowledge
of usually technology, sometimes people, and human nature.  It's
using your technology to get things that no one else normally
could (Sanchez 1994: 1)."  Hacking any sort of system, whether it
is electronic or social, results in the hacker gaining some sort
of control, and therefore power, over that system.  Knowledge of
how a system functions is converted into power over that system.

System Hacking:
     For the most part, computer hackers gain unauthorized access
into computers running Unix.  The reason for this is simple.
Most mainframe computers, which are accessible either by modem or
network run the Unix operating system.  The fact that Unix is so
widely used makes it's own downfall.  Many people use Unix,
therefore many people have knowledge of it.  That knowledge can,
of course, be used to manipulate the system, and even take it
over.
     There are several means of gaining control over a computer
system, and several more are being discovered every day.  As
individuals learn more about Unix, more and more security holes
are uncovered.  Every day, hackers come up with a new ways of
turning information (knowledge) into control of a computer system
and the power with people invest in it.

Packet sniffing:
     One of the easiest ways of gaining acces to a computer is to
do what is known as packet sniffing.  This procedure involves
listening to data transmissions and logging the interesting ones
to a disk.  On any computer network, such as The Internet, when
data goes from one computer to another it has to pass through
several other computers as well.  Hackers will often use software
to listen for key strings of characters such as 'login:' or
'password' and use that to collect passwords.
     Any time someone uses telnet to login remotely into a
computer, their password is vulnerable.  I have seen packet
sniffing logs and can honestly say that this is a safe and
effective means of collecting people's passwords.  No account is
secure, unless it is never accessed (and even then it is not very
secure).

Password Guessing:
     Once a hacker has access to a system they will often try to
decode the password file.  In Unix the password file is kept in
the '/etc' directory.  In most modern Unix systems the passwords
are shadowed.  What that means is that the password is not kept
in the actual password file, but is hidden somewhere else.  This
is only a problem to the novice hacker.
     More advance hackers will often try to copy the password
file by using the send mail port on Unix (port 25).  This port
does not have any security on it, because it is expected to
receive file transmissions in the form of e-mail from any
computer on earth.  I do not quite understand how this works, but
I have seen hackers use this port to capture a shadowed password
file.
     Once a password file, or a copy of it, is obtained, it is
mostly useless in it's raw state.  Passwords are encrypted in a
very complicated way, which makes them impractical to decode by
conventional means.  This is where password guessing comes into
play.
     Software packages such as Crack and CrackerJack, will go
through password files and try to guess people's individual
passwords.  Password guessers employ large dictionary files,
which are multi-megabyte lists of words.  The words compared
against the encrypted password file until matches are made.  Once
the program makes a match, it is logged, and the hacker has
access to yet another account.
     Roger Safian, security 'expert' for Northwestern University,
has run password guessers on his own system and had good results
(Safian 1994: 1).  According to Safian, he managed to gain the
passwords for over two thousand accounts in under one weekend.
Actual hackers I have spoken with have also affirmed the relative
merits of password guessing software.
     Protecting one's self from password guessing is very
difficult.  The word lists that password guessers draw from are
so exhaustive as to encompass several different languages.  The
best thing to do is not to chose a word or combination of words
as a password.  Combining letters with numbers also helps, but in
the end, there is not much that can be done.  A good password
guesser, run long enough, will try every alpha numeric
combination.  The only thing a user can hope for is to have a
password that the hacker will give up on before it is guessed.
Password guessing can take a long time with odd passwords.

Phreaking:
     In modern Western culture, the telephone is relied upon.  It
is so much a part of every day existence, that it is only noticed
by it's absence.  The various phone companies who regulate this
institution have a great deal of power and influence over our
lives (not to mention influence with law enforcement agencies).
There is a wealth of power available to those who have the
knowledge to manipulate the telephone system.
     Phreaking is the practice of intentionally misusing, from
the phone companies perspective, telephone technology.  Although
phreaking is practiced by most hackers, unlike other hacks, it
does not, for the most part, destroy the illusion of privacy in
America.  However, it is a form of hacking that is widely
practiced, and very intriguing to anyone who has gotten really
high phone bills.
     Most phreaking is done with what are called boxes.  A box is
any means by which phreaking is accomplished.  Usually, a box is
some sort of gadget which is inside a literal box, but this is
not always true.  The beige box, which is a procedure, is the
only box which is not an object.
     Boxes are differentiated from each other by descriptive
adjectives, which are usually colors.  Usually, the boxes get
named after what the first one looked like, or what the inventor
chooses.  The first blue box, for example, was blue, and the
chasse of the first cheese box originally held cheese.

The Blue Box:
     This is an old favorite of phreakers everywhere.  This box
used to be very popular with college students, especially at
technical schools.  As a matter of fact, Steve Wosniak and Steve
Jobs, were originally in the business of making and selling blue
boxes while still in college.  Fortunately, they have since moved
on to more reputable aspects of the computer industry.
     This box allows the user to make free phone calls anywhere
in the world, from any phone in the United States.  It uses a
system of tones to trick the telephone system into letting the
user seize trunk lines.  Trunk lines are large phone lines from
which all the individual phone lines stem from.  Once a trunk
line is seized, out-going phone calls can be made with no one to
bill them to.
     A blue box emits DTMF tones, which are the same tones which
are heard when dialing a normal phone.  It also emits another
tone, whose frequency is 2600hrz.  This tone is what actually
allows the user to make free phone calls.
     Using a blue box is relatively simple.  First, pick up the
receiver of a phone and dial a toll free number (any number in
the 800 area code).  United States law requires these numbers, as
well as directory assistance, to be accessible from any public
pay phone.  While the phone is ringing, play the 2600hrz sound
into the receiver.  This will make the switching equipment think
that you have hung up the phone.  Do not really hang up the
phone, or you will have to start all over.
     At this point, you have control over a trunk line, and you
can use the other tones on the blue box to dial the number you
are trying to reach.  The billing equipment will not keep notice
this call, because the 2600hrz tone is the same tone that the
switching equipment uses to signal an end of a call.  As far as
the billing equipment is concerned, you have already hung up the
phone!
     Be warned about the safety of using blue boxes.  In the past
few years, most RBOCs (Regional Bell Owned Companies) have taken
steps to monitor blue boxing.  Although, blue boxes still 'work,'
the calls made are also logged by telephone company computers.
The phone company will know the general area from which the call
was originated and also the number which was dialed.  Telco
security officials check these logs, and will question anyone who
receives telephone calls that were blue boxed.  Either stay away
from blue boxes, or only call people who have very short
memories.

The Red Box:
     The red box works specifically on pay phones.  Each time a
coin is put into a pay phone that phone relays an acoustic signal
to a telephone company computer.  Pay phone use sounds to tell a
computer how much money has been deposited into it.  A red box,
emulates those tones thus fooling that computer into thinking
that the user has deposited money into the pay phone.
     Like a blue box, the red box produces tones which must be
played into the receiver of the telephone.  This box is very
simple to use.  Simply, pick up the phone play the correct amount
of tones into the receiver, and dial.  Unlike a blue box, this
box can only be used from a pay phone.  Although this may be
slightly inconvenient, it is a generally safer method of
phreaking.
     Red boxes are similar to use, as well as make.  Radio Shack
sells 'pocket dialers' which can be easily modified into red
boxes.  Personally, I find it a bit hard to believe that anyone
buys pocket dialers for any other purpose.  Why would anyone need
to buy a device which allows push button phones to be dialed?  In
any case, a look inside one of these devices will give an
indication as to how easy they are to modify.  All that has to be
done is replace the quartz crystal (which is conveniently placed
all by itself for easy access) with a 6.5535 megahrz crystal.
     If one chooses to use a modified Radio Shack pocket dialer,
just press the '*' key to emulate a nickel being deposited.  To
emulate a dime press that same key twice, and to emulate a
quarter press it five times.  If pressing a key so many times is
inconvenient, remember that radio shack has provided a memory
function in their auto dialers.  Instead of pressing the '*' key
five times in rapid succession, just program one of the phone
numbers as '*****' to emulate a quarter.
     Red boxing is a relatively safe and easy means of phreaking.
However, at this point in time, phone companies are taking
measures to make red boxes useless.  Pay phones, called phortress
phones, do not accept tonal input from the receiver unless the
proper amount of money has been deposited.  Of course, unscrewing
the receiver and touching a piece of metal to the ends of the
speaker there will take care of that problem (that measure was
used in the movie War Games, however, the film makers left out
the part about the red or blue boxes).  Also, phone companies are
starting to introduce payphones that differentiate between real
coin tones and red box tones.

Hacking Without Using Machines:
Social Engineering:
     Social engineering is the practice of conning people.  For
the most part people are manipulated in order to gain information
or some sort of access.  This is a highly valued skill amongst
hackers, and a quite useful one as well.  Instead of performing
some near super-human feat of arcane Unix trickery, it is often
times easier just to ask someone for their password.
     A surprising amount of critical information can be gained
from conversations with people.  Most tech-support personal, for
example, do not expect to have hackers on the other end of the
phone.  A clever hacker can impersonate a frustrated user and get
such information as dial-ups and publicly accessible logins.  To
most users, this information is relatively benign.  However, to a
certain portion of the computer literate population, this
information can be used to gain control over computer systems
and the data with which they are entrusted.

Trashing:
     Another way of gaining valuable information, and the power
that goes with it, is by trashing.  Trashing is the practice of
going through another's refuse in order to gain information.
Hackers actually get together in groups and go through people's
dumpsters.  I can personally vouch for the effectiveness of this
means of information gathering.  L0Ck allowed me to participate
in a trashing session, and I was amazed as to what people were
willing to throw out (Field Notes 1994: 5).
     The hackers and I set out to go trashing at around 9:00pm on
a Friday night.  The trash in question belonged to local Internet
provider, called XYZ Communications (an alias) located in
downtown Chicago.  There were about ten hackers and myself, and
it took us about a half hour to sift through an entire dumpster.
     Much to my surprise, we found several users passwords which
had been written down and discarded.  Even more shockingly, we
found many credit card numbers of subscribers to this Internet
provider.  Apparently, XYZ Communications has a subscribe by fax
service whereby the subscribers are asked to fax in their credit
card numbers.  Once these faxes are processed they are discarded,
and hackers, or anyone else, can come by and gather a slew of
credit card numbers with expiration dates.  For me, this
experience was a rude awakening.  How many people had I given my
credit card number to, and who had it now?  All of this was very
unsettling, and proved the power of trashing as a means of
information gathering.
     The hacker gang I was with was compiling the credit card
numbers for a prank against XYZ Communication.  They were trying
to alter the XYZ's computers so that when subscribers were looked
up by someone using the finger command in Unix, a message would
displayed about the relative safety of subscribing to XYZ.  Along
with that message, the the subscriber's type of credit card and
expiration would also be displayed.
     The hackers with which I have had contact, considered a
prank a worthy use of credit information.  Although manipulation
of credit card data for personal gain (called carding), would
seem to make sense as a hack, this is not socially acceptable in
this sub-culture.  Carding is the reason behind most hacker
arrests and is considered to be very foolish.  The secret service
is willing to overlook a surprising amount of hacking, but no law
enforcement agency is willing to overlook a credit card thief.

A Closer Look at Status:

     Since this article is about hackers being motivated by a
drive towards high status, it becomes necessary to examine that
high status itself.  In order to understand what hackers are
working towards the folk term elite must be understood.

What is Elite?
     Elite was initially a code word for underground computer
bulletin boards.  As Guido Sanchez, hacker and operator of an
underground bulletin board, said, "I guess the code word for a
pirate bulletin board would be an elite bulletin board.  You call
up and you would say 'hey, can I have elite access?'  You know,
'cause I guess they suspected that law enforcement wouldn't know
how to say 'elite' in a new user application (Sanchez 1994: 1)."
Back in the earlier days of underground BBSing (calling up
computer bulletin boards), elite was synonymous with the illicit
activities which would occur in the confines of certain bulletin
boards.  If someone were to ask for elite access, they would be
asking for access to illicit sections of bulletin boards.
     The Golden Era of Hacking has long since passed on.
According to Datapimp it lasted from 1984 to 1988 (Datapimp 1994:
8).  Although BBSing is still a popular pastime, especially
amongst hackers, the term elite is no longer primarily associated
with illicit activities.  According to maxEpoo, an elite hacker,
the term elite now is "a synonym to "cool" more or less (maxEpoo
1994: 2)."  He also went on the explain that elitness is "a
combination of status and how good you are at what you do
(maxEpoo 1994: 2)."  In this sub-culture people are judged,
ideally, on their technical proficiency.  If you want to be
considered 'cool' in hacker social circles it is necessary to be
somewhat technically proficient.  Elitness is therefore dependant
upon technical proficiency.

The Information Economy:
     In hacker circles elitness is measured by the amount of
knowledge one has.  Knowledge, which is all too easily turned
into power, is also, in the case of hackers, turned into status.
An elite hacker is one who possess a great deal of knowledge.
This knowledge is either in their head or in the form of computer
data.
     Since knowledge is seen as the key to elitness (high
status), it is very highly valued.  So much so, in fact, that an
information economy has developed on-line.  This is how Guido
Sanchez, who operates his own Bulletin Board described the
information economy:

"It's a commodity system, with the pirates, with the adult text
file people, with the virus community.  I mean, I had a board
called Nun-Beaters Anonymous, which is still up, that had all
these viruses on it for free, and usually you would have to get a
hundred file points, which is basically, you upload something,
you get so many file points.  A hundred file points was supposed
to be a lot, and then you get to download a virus.  That's how it
was on most boards.  So many people took advantage of that.  I
mean they just downloaded three hundred viruses from my board and
then just put it up on their own board, and I just completely
flooded the market.  And most local boards still have the
original NBA package of viruses.  I think even Ripco did that
with text files.  And it turned into such a commodity market.
Most people don't even read the text files.  They say 'oh yeah,
there's that new text file,' and they don't even read the thing.
They just use it as commodities to show how elite they are
(Sanchez 1994: 6)."

     Hackers realize the value of information, and they go to
great lengths to possess it.  Whether it be sifting through
someone's trash (trashing), or risking your freedom by trying to
break into government databases.  Information is of such great
value to these people that an economy of information has
developed.  Sarlo echoed the above sentiment by saying, "Yeah,
and basically, if you look at money, that's all that money is is
information.  It is a unit of information, so you know 'OK, so
I'm this rich...'  It's basically a conceptual (Sarlo 1994: 6)."
     It is not very difficult to see parallels to the information
economy in other aspects of life, apart from computing.  For
example, as a college student, I pay a great deal of money for
the privilege of obtaining information.  My tuition is, in
essence, a monetary sum attached to the quantity and quality of
information I am supposed to obtain.  Data can be given a
monetary value and be traded like any other commodity.

How do hackers become elite?
     Elitness is an acquired status.  Elitness is a knowledge and
the technical proficiency which comes with it translated as
status.  This technical proficiency has to be demonstrated in
some way or another in order for an individual to be considered
elite.  A hacker must some how acquire a knowledge base and then
demonstrate this knowledge to his or her cohorts.
     Usually, knowledge of general computer related subjects is
picked up the same way non-hackers might learn it.  Hackers learn
about computers through books, classes, and personal
experimentation.  Knowledge of hacking, in particular, comes from
other hackers, either through conversation or text files traded
on bulletin boards.  Hackers usually get that knowledge by
experimenting or by asking other hackers.  Chanda Lier, for
example, being a female got others to give her hacking
information quite easily.  According to an interview in Phrack (a
hacker magazine) "She was dumbfounded, and being female, there
were 30 guys on the conference ready and willing to provide her
with information as to origins of loops, conferences, boxing,
etc.  Scott (Hack-Man) later filled her in on the rest, gave her
more numbers and such and that's where it [her career in the
computer underground] all began (Phrack 23)."
     Hackers are often unwilling to give advice to those who are
not already technically proficient.  MaxEpoo described his rise
to elitness by saying, "initially, when I first started, I got
mine [elitness] from bullshitting people into believing I was
already a very good hacker/whatever.  Eventually people got word
and I just moved up from there... I was actually very out of 'the
know', but I got inside info from people who thought I was
'elite' or cool (maxEpoo 1994: 2)"  As in the cases of maxEpoo
and Chanda Leir some social engineering (either in the form of
feminine wiles or social engineering) was required to get more
knowledge.

Conclusion:
     Hackers want to become elite.  Everyone wants high status,
and in hacker culture high status is measured by the amount of
information one has.  Since, in this culture, information is the
key to status, and information is also a means to get power (the
old adage knowledge is power is very true in hacker circles), an
information economy has developed.  Hackers trade information in
hopes of getting more information and thus becoming more elite.
Elitness/high status is based in information.

Afterward:

     Hackers hack for a variety of different reasons.  They are,
after all, human beings with all the personal baggage that goes
with that status.  Not all hackers are alike.  Some hack for
prestige, some for intellectual curiosity, and some for reasons I
probably cannot imagine.  Intentional Misuse, for example,
expressed that his hacking is much more "passive" then that of
most hackers (apparently some hackers are into machismo) (Misuse
1994: 1).  With regards to his own hacking, Guido Sanchez said,
"There's somethings that I'll hack for.  I'll hack for women; I'll
hack to get inside a girl's pants, but I won't hack for America,
ok?  Now, I'm not exactly sure why that is... (Sanchez 1994: 2)"
MaxEpoo compared his own hacking to playing a sport, except that
people "don't get arrested for playing most sports (maxEpoo 1994:
3)."  Hackers are human beings, and although I have tried to
express their hacking as a prestige/power/wealth gaining
enterprise, it is important to realize that hackers have their
own reasons.
     Although elitness a part of hacker culture, it is far from
being the only thing.  Computer technology has sped up
communication so much that cultural history can now travel at the
speed of light.  As Datapimp said "it's hard to do write anything
on us cause we can literally change from day to day (Datapimp
1994: 7)."  Hackers have lightning fast communication at their
finger-tips.  By the time pen meets paper, or even fingers meet
keyboard, any ethnographic data is pretty much out of date.
     Hackers, when I knew them, were a really good example of how
data can be translated into status, power, and wealth.  They used
their knowledge to get status in the form of prestige from other
hackers.  They also used their knowledge to get power over their
environment (hacking systems that normally have power over most
people, like the phone system).  Finally, knowledge was even able
to be translated into money with lucrative consulting jobs.  Not
only is knowledge power, but it can also be prestige and wealth
too.













Works Cited


Blootin
     1994/11/25 interviewed by Roger Blake, at Willard Hall

Datapimp
     1994/11/12 interviewed by Roger Blake, on IRC

Intentional Misuse
     1994/12/1 interviewed by Roger Blake, at the 3rd Coast Cafe

maxEpoo
     1994/11/30 interviewed by Roger Blake, on IRC

Phrack Magazine
     1989/2/25 Issue 24, available via
        ftp://ftp.eff.org/pub/CuD/Phrack

Safian, Roger
     1994/10/26 interviewed by Roger Blake, in his office

Sanchez, Guido
     1994/10/16 interviewed by Roger Blake, in Burger King

Sarlo,
     1994/10/16 interviewed by Roger Blake, in Burger King

Schwartau, Winn
     1994, Information Warfare, Thunder's Mouth Press



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH