This week we’re back with Hacker Crackdown: Part II! The caliber of last week’s comments was exceptional, but the level of participation planed off, and I’ll risk a guess: The Mentor’s Manifesto was more likely encountered as part of any given reader’s childhood—or, if not, easily skimmed at just over one page long—and therefore drew more interest. Crackdown, however, is perhaps less familiar. You also needed to read over 50 pages for last week (100 for this week). I list these things not as an apology or a rationalization, but as an attempt to better serve the community by providing accessible content. If you can’t commit to a lengthy reading, that shouldn’t exclude your participation.
This week, I’m adjusting the format to focus on key quotations from the text. Never even heard of Hacker Crackdown? No problem! Stick with us after the break where you’ll find all the relevant issues in a brief outline, then join us in our discussion!
0. From Last Week’s Discussion:
As usual, I’ll begin by addressing some of the comments from last week.
[Dan] raised a useful question about what I contribute to the column. Rather than list my immediate personal opinions on [Sterling’s] work, I referenced [Jenkins’s] response (concerning death of media vs. death of delivery systems). I do feel that my role should include drawing on other important and relevant works, and [Jenkins’s] critique of the Dead Media Project helps illustrate the shortcomings of [Sterling’s] perspective. If I veer too far into a digression, however, I apologize. Please continue to keep me in check in this regard, and I’ll try to keep this week’s response free from too many outside authors.
RE: Q1 (Parallels to Mentor’s Manifesto?)
Most agree that teenagers are prone to mischief, but both [dan] and [Dynamo Dan] explain these instances should be considered in context. We will actually encounter “Manifesto” in this chapter of Crackdown, as well as several references to the [Mentor] and his involvement in LoD. (Legion of Doom)
RE: Q2 (Contemporary threatened communities reacting violently?)
[Quin] brought up the fall of GeoCities, explaining that a number of important resources (relating to the 3D program POVRay) vanished with its dissolution. A lack of clear licensing meant limited online reproduction of the material, and several FAQs found themselves gutted, without functioning hypertext links. As she remembers it, however, there was little resistance from the community; they instead saw the event as inevitable and carefully addressed the problem. Perhaps the drawn-out closure (such as the decline of MySpace and others, as [Quin] mentions) offsets the harsher reactions, whereas immediate loss of—or even threat against—a community produces a more volatile response, (such as [Dynamo Dan’s] mention of recent NSA concerns).
RE: Q3 & Q4
I’ll shelve my comments for the third question until we can get to [Deleuze] (though your comments are certainly worth discussing). The fourth question was directed at anyone who may have directly experienced the events of the chapter, perhaps working in the telco field. Unfortunately, they kept their silence this time!
I. What’s important for this week’s discussion?
As I mentioned earlier, this week’s format is different. I’ve divided the response into three topics:
Digital Theft:
A recurring challenge for [Sterling] is navigating online rights and, in particular the boundaries of what defines “theft.” Early in the chapter he identifies the Youth International Party (or, Yippie Movement) of the 60’s and the 70’s, as predecessor of the hacker underground. Their distaste of authority culminates in [Abbie Hoffman’s] novel Steal this Book, which advocates an unconventional dismissal of the establishment. Whenever [Sterling] mentions the copying of digital files, he tends to indicate that the law is rather vague and complicates typical notions of theft.
Defining Terms:
Earlier in this series I suggested the negative connotations associated with illegal hacking activity are inseparable from the positive connotations we prefer to champion. [Sterling] agrees, explaining even he is complicit:
Naturally and understandably, they [traditionally defined hackers] deeply resent the attack on their values implicit in using the word ‘hacker’ as a synonym for computer criminal. This book, sadly but in my opinion unavoidably, rather adds to the degradation of the term. It concerns itself mostly with hacking in its commonest latter-day definition, that is, intruding into computer systems by stealth and without permission. [1]
I think his most important observation, however, comes just after this comment:
‘hacker’ is what computer intruders choose to call themselves. Nobody who hacks into systems willingly describes himself (rarely, herself) as a ‘computer intruder,’ ‘computer trespasser,’ ‘cracker, ‘wormer,’ ‘darkside hacker,’ or ‘high-tech street gangster.’ [2]
This distinction is perhaps the key explanation behind why the term maintains its negative connotation. Further, [Sterling’s] discussion is aware (both here and elsewhere) of the digital divide and that white teenage boys dominate the hacker demographic.
Elsewhere Sterling will contrast “hackers” and “phreakers,” explaining that the latter category of phone users do not necessarily possess any particular skills (he does not explicitly invoke the comparison of “script kiddies,” but his comparison is similar). In this sense I feel Sterling begins to blur his terminology a bit too far, especially considering later discussions of other phreakers.
Information as Commodity:
A few other terms pop up to define the hacker, including “elite,” which carries with it a connotation of exclusion: the hacker has toiled to gain knowledge that he withholds from the uninitiated. By the 90’s, information has evolved not only to a position of power but to a position of access (again, relatively speaking; don’t forget the digital divide). Forbidden knowledge is of particular value:
Hackers are very serious about forbidden knowledge. They are possessed not merely by curiosity but by a positive lust to know. The desire to know what others don’t is scarcely new, but the intensity of this desire, as manifested by these young technophilic denizens of the Information Age, may in fact be new and may represent some basic shift in social values-a harbinger of what the world may come to, as society lays more and more value of possession, assimilation, and retailing of information as a basic commodity of daily life.[3]
I find this the most clarifying. It not only helps define “hacker” in terms of the shift in access to information and a zealous desire for it, but this passage directly reflects the musings of [The Mentor]. The mere offer of that knowledge is intoxicating, and comes through a single portal right in one’s home. I’ve been thinking about what prescribes value to any given set of knowledge and how that applies here; I suspect many of the documents mentioned in Crackdown remain freely available and now lack the legal ramifications attached to them in the 90’s. They aren’t relevant to the infrastructure anymore, so who cares? The ravenous desire for information applies when that information is volatile.
Sharing of information is equally crucial to [Sterling’s] idea of a hacker:
The way to win a solid reputation in the underground is by telling other hackers things that could have been learned only by exceptional cunning and stealth. Forbidden knowledge, therefore, is the basic currency of the digital underground, like seashells among Trobriand Islanders. Hackers hoard this knowledge, and dwell upon it obsessively, and refine it, and bargain with it, and talk and talk about it. [4]
To some extent, Hackaday resembles that trend: perhaps not as volatile nor as forbidden, our community thrives on sharing (and, to some extent, on bragging). Our entries certainly amount to a hoard of information, but the “commodity” tinge may have lost some of its bite. Instead the community has turned toward an Open Source model, which favors sharing over selling and preserving (or collecting and maintaining) over hoarding.
II. Questions for this week
1. How far has our legal system come in better defining digital theft? I ask primarily because I haven’t looked into the issue recently. I know many laws are outdated (yet still invoked). Has the situation become any more clear, and whom does it favor?
2. [Sterling] explains the E911 document’s pivotal role in the authorities’ crackdown of 1990 by carefully framing the perspectives of those hackers involved: they were curious, not malicious. Aside from better securing the document itself, what’s the alternative to addressing critical systems information like the E911 file? Our community often criticizes obfuscation as a weak means of security, but should the entire 911 infrastructure be open source? How do we maintain barriers to entry? (I suspect there’s an argument to be made in favor of the idea behind the “extreme specialization” [Sterling] mentions on page 96).
3. Hackers of the 90’s were notorious braggers, it seems, to the point of getting themselves caught. How much has the culture of bragging shifted over the past 20 years? Obviously Anonymous and AnonOps has reshaped the “face” of activism in a unique way, but anonymity tends to break down and eventually lead to some kind of legal action. Or does it?
NEXT WEEK:
Let’s keep pushing through this book: read Chapter III of The Hacker Crackdown, “Law and Order.”
NOTES:
[1] Bruce Sterling, The Hacker Crackdown, (New York: Bantam Books, 1992), 55.
[2] Ibid, 56.
[3] Ibid, 81.
[4] Ibid, 59.
Hacking & Philosophy is an ongoing column with several sections:
- October 28th: Hacking & Philosophy: An Introduction
- November 4th: The Mentor’s Manifesto
- November 11th: Sterling’s Hacker Crackdown: Intro & Part I
- November 18th: Sterling’s Hacker Crackdown: Part II
- November 25th: Sterling’s Hacker Crackdown: Part III
- December 2nd: Sterling’s Hacker Crackdown: Part IV
On the subject of reading. Any hacker that scoffs at reading a lot should really work out what is keeping them from doing so. That’s most of what we and any other form of engineer does, read through mountains of information and pick out the important parts.
Well, having been involved back in the 80’s, I can say a lot of the culture from back then was more of curiosity than of malice. D-Dialers were a culture unto themselves. Many are still into computers today (myself included) but some no longer are, having been claimed by Death, or by the complications of todays lives. As a hacker, I don’t think I could ever learn too much. I think a lot of the stuff you see today is a result. Back in the 80’s you had to be a telco insider to get an address for a telephone number, even a listed one. Nowadays, you can just 411.com it. Phreaking too has sort of fallen by the wayside. Nowadays, with a cellphone, you can call anywhere in the country for free (as long as
you pay your monthly cell bill) and have a crystal clear digital connection.
Sadly, no kid today will ever hear the wonderful sounds the Bell system used to make.
These days, you don’t need the assistance of 2 operators to make a long distance call, and I’d bet no one calls the phone number that gets the local time. I’m just glad I was a part of it all.
It’s really great to hear this perspective; just the mention of the local time number caused a wave of nostalgia.
I’m curious: is the passion still alive for you today as a hacker despite all the changes? (or because of them?)
It’s still alive for me. There is always something to learn, but to go back to those days….
“I’d bet no one calls the phone number that gets the local time. I’m just glad I was a part of it all.” Nope! Our cell phones do it for us, they obtain the time from the network, and there *must* be a statistic of people using their cell phone as a clock. Just look at the default android screen, it’s a clock. ;)
“Nowadays, with a cellphone, you can call anywhere in the country for free (as long as
you pay your monthly cell bill)”
How is that free? Thats like saying you can get a burger at a burger shop for free (as long as you have the correct change) :/
I dont think phreaking is dead as such, its just changed, like everything really. At least in australia i know there is still a strong phreaking comunity, just as long as you know where to look that it.
It could be what he mean was that there is no long distance charges separate from the regular bill. I.e. local and long distance is all the same with cell these days afaik. If you have an unlimited plan, then it seems “free” because there are no per-minute charges at all.
One nostalgia-type thing I remember from the earlier days (and this was in Canada, where there was “Bell Canada”) is that you could dial your own number and hang up, and a second or so later the phone would ring. It would continue ringing till you picked up, but then dead silence, as nobody but yourself was on the “other end”. Fun trick to play on mum! But soon into the 80’s this hack disappeared sadly.
Regarding unlimited minutes being “free” — there is something to this in a sense. A friend of mine jokingly said something like this: “hey we gotta get off the phone, or else you’re going to use up all my unlimited minutes”
how bizarre i just recently bought this book and had no idea HAD was having a discussion about it, pretty neat stuff in there, its almost foreign to the current generation.
i have a first edition hard back :) – it’s more journalism/entertainment, not academia, but none the less enjoyable – just another one of those things that amke you feel old
On digital theft:
Personally, I like streamripper. It is apparently protected by the same laws that protect recording from the radio or TV like the tivo boxes etc. Seems like a simple premise, machine A or B in my possession can replay what machine A in my possession played once before. Distribution / rebroadcast a completely different matter, of course. However, the recording industry still doesn’t *like* it, and online radio still tries to outsmart SR. But, the legal system has drawn some lines, and seems to have done favors to both producer and consumer.
On information as a commodity:
This idea isn’t new for this century, the last one, or the last few millenia. It predates the printing press. Scribing books by hand was for an elite group at one time, and books were very expensive. Regarding “forbidden information” there is a very interesting story from 2500~ years ago about leaks of military secrets, which I think so fascinating, for those who know how to find it.
Ok, points 1 – 3:
1. For me, the industry (with its teeth in the legal system) made progress in the area of copyright infringement. The industry has abstracted away the issue of media, mostly. For example, Microsoft installation media, I was told by a certified partner that MS isn’t so concerned about spreading around copies as they are legally licensed installations. The premise is simple. If everyone is satisfied (in other words, market is saturated) with unpaid copies of something, anything, the company that worked hard to produce it won’t make a living trying to sell the copies. They have to either go to law, or figure out another way to make a living by supporting or some other method. The freeware/trialware model has really matured, but I think these are all industry responses more than the legal system itself.
Another way that the industry has backhandedly defined digital theft is their infiltration of peer-to-peer networks with viruses. (Yes, I think they do it!) Anyone remember napster and kazaa? Those were so full of viruses, and I think RIAA and friends was behind much of it. Premise simple: If you got a virus from downloading an illegal copy of something, who would you complain to? The police? Microsoft? It’s along the same lines as a story of a quaker farmer that put water in his own fuel tanks to catch a thief. He found the thief stalled just down the road, and said gently to him “my friend thou oughtest beware of where thou gettest thy gas”.
2. I’m getting a little weary of the mixup between curiosity and malice in this book and elsewhere. Generally, as ignorance (or the pretense thereof) increases, so does the blurring of the line between curiosity and malice (short for maliciousness). For example, regarding Jobs and Woz, Sterling says “blue-boxing was scarcely perceived as theft.” Perceived?? Were they really that ignorant? The only way you can justify blue-boxing as “just a curiosity” is to ascribe some ridiculous level of ignorance and stupidity to those doing it. Even though an intruder doesn’t see, perceive, understand any immediate harm in his unauthorized access (the tree falling), does it mean there isn’t (or won’t be) a crash? If the tree didn’t fall on me or anyone else, then falling trees must not be dangerous?
How can any behavior (whether right or wrong) be accepted as curiosity? Only two ways that I know of: a) true, genuine ignorance, or b) feigned ignorance.
3. I think the reason they bragged so much is that they didn’t fully grasp the concept that cyberspace is a “real” place. The same thing is happening today on social networking sites like facebook, people just blathering out everything they know, subconsciously thinking that the repercussions don’t reach back into the “real” world. Freedom of speech, why yes of course! Say whatever you want, it helps the cops profile you and locate you. [/sarcasm] Maybe free speech is promoted by governments as a social engineering strategy to learn what it’s subjects think?
our legal system has somehow become completely backwards at defining digital theft.
I would personally rate a description of an offence against the nature of the offence.
for example, if I walked into your house through an open door then at best I’ve trespassed.
If I broke a window to gain entry then I’ve done something more serious.
if I photo copy a companies staff book or design book etc after I’ve broken in then I have stolen information, (in so far as I’ve taken something that has a value, whilst not having paid for that value). there is an important distinction between stealing a car and stealing a movie.
the same thing can be true of a computer, a crime is a crime, but the seriousness of the crime, and thus the punishment must depend on the intent.
we already cater for this in other laws, it doesn’t matter if it’s manslaughter or murder someone is still dead.
as for the law, unsurprisingly the law favours those who are able to lobby the most, the people with the best access to politicians are generally not the people who are sitting at home downloading movies. generally they are the people who are well paid executives who can afford to take a politician on holiday to discuss their “special interest” that’s just an unfortunate effect of the political system within which we live.
(did this thread loose some comments, I’m sure that there was a conversation about open source E911 systems)
I’m a big fan of open source, a big fan of sharing ideas. so a huge part of me thinks, Yes the emergency system should be open source.
even if you’re not a fan of open source for the sake of it, . my tax dollar helped design it, I want to see the plans that I paid for.
Sadly, there is no reason to open source emergency systems.
OSS suits small dynamic businesses, (see how many new businesses pop up around 3d printing? it suits small cottage industry, where people are making things, design revision on day 9 can be incorporated in the manufacture in day 10.
the government is not like this.
security flaws found in day 9 might see work starting on a patch in days 10, but that wont be complete for a while, and even if it were it’ll need to be tested and tested and tested some more, then there will need to be a controlled rollout. but day 375 the flaw may be fixed.
and in that time there have been known weaknesses exposed for a year.
OSS can work, but government is not a place where it can work…
So really Yes anything produced by the government should be available to the people.
however in reality when security through obscurity is not a bad 1st line of defence.
I don’t believe that the hackers bragging is what led to them getting caught. at least that’s not how I read it, it may have inflated a charge sheet, but it’s proper police work that led police to hackers doors!
there are still braggers, there are still people who think that they are anon, but they end up getting caught.
it reminds me of a few years ago a forum I frequent was hacked, in their bragging nature the “hackers” just changed the home page to point to their site, with a message saying hacked by xyz.
it took 2 hours to take those nick names, and look up details, of other sites that were hacked, the sitesthat they pointed to, posts on forums where they asked for help. domains led to names, led to street addresses.
the next thing the would be anonymous hackers know is aerial photos of their houses are being put up on the forum.
on the subject of hacker philosphy…
>>”Ever since telephones began to make money, there have been people willing to rob and defraud phone companies. The legions of petty phone thieves vastly outnumber those “phone phreaks” who “explore the system” for the sake of the intellectual challenge. The New York metropolitan area (long in the vanguard of American crime) claims over 150,000 physical attacks on pay telephones every year! Studied carefully, a modern payphone reveals itself as a little fortress, carefully designed and redesigned over generations, to resist coinslugs, zaps of electricity, chunks of coin-shaped ice, prybars, magnets, lockpicks, blasting caps. Public pay- phones must survive in a world of unfriendly, greedy people, and a modern payphone is as exquisitely evolved as a cactus. ”
I can’t be the only one who read that and thought that it’d be a lot more interesting to design the fortress than to try to break it. (certainly involves a lot more thinking and testing etc).
“if I photo copy a companies staff book or design book etc after I’ve broken in” @dan this is a good concept, and thought provoking. I think there has been a good bit of progress made on the distinction of law between patents, copyrights, and trade secrets. The design book would be protected under trade secret law, which the E911 document *may* have been protected under, had those laws been fully tested at that point (they certainly would have existed). Basically trade secret law says that if the owner takes accepted precautions and technical due diligence to keep their trade secrets, then the leaks of it will be punished similarly to theft. I think it a little absurd for Sterling to get confused about whether the E911 document leak was theft or not… just because it was a copy and the original was left intact, doesn’t mean it wasn’t “stolen property”.
In some very old-fashioned sense, yes, theft would mean taking something with the effect that it ceased to exist in the location you took it from, sort of like the cavemen, “hey where’s my tomawak, I put it right over …. HEY you took my tomahawk, give it back!!” But honestly, were they still fumbling with the idea of information leaks as being theft (or not) in the 80’s and 90’s??