I Was a Teenage Hacker

HotWired Washington Bureau Chief Declan McCullagh reveals the sordid truth about how he spent his teenage years in this article published by IntellectualCapital.com. But Declan is not nearly as sympathetic to the current generation of crackers (who will continue to be called "hackers" in the non-geek press no matter what you or I say) as the headline would lead you to believe. Here's a quote: "Oh, I know. I have become a humorless curmudgeon who cannot appreciate hackerdom's stellar exploits when I see them...."

Lying... (re: He was not a teenage hacker)

[DemianJ]

I went to college with Declan at Carnegie Mellon. He was an outspoken member of Student Goverment. His skills lie in communication and writing. I highly doubt he was a teenage hacker, but clearly he knew many people who were. He has associated with enough people of technical prowess to be able to write about it rather intelligently.
I get a kick out of reading his articles, because I knew him. But I don't buy into his attempt to gain credibility by making up some fictional past.
Real credibility is judge on current works and perspective, not some attempt to make up some common history with one's audience.

Re:Lying... (re: He was not a teenage hacker)

[Baka]

I also went to Carnegie Mellon with Declan - the memory of him that most sticks out in my mind was when he tried organize a rally at CMU when the administration blocked access to some of the usenet groups (specifically the alt.sex binaries groups). He got someone from the EFF to come speak, held the rally in front of the university computing center, and made it out to be a real freedom of speech issue. Of course, the rally was a misreable failure, both in terms of attendance and effect. The university was afraid of lawsuits , so it would have taken an act of god to get them to change thier minds, and not the 50 or so people who showed up. And in many students eyes (including my own), it really wasn't a freedom of speech issue, and we just didn't care since very few people actually used the alt.sex binary groups. Declan seemed to be alot more concerned with the issue than the reality of the situation

Old School: Codes of honor

[Tackhead]

As I recall from my misspent youth, our code was something like this:

If it's military/government/medical - don't fsck with it. Don't even attempt entry. It had nothing to do with the cops - just the realization that some systems just might be mission-critical, and the consequences of a mistake ("Oops, my new command shell turned itself into a fork bomb") were too grave.

Once in, don't damage anything. Don't touch user data. Don't interfere with the operation of the system from the end-user's perspective.

On your way out, clean up your mess. Undo your backdoors as much as possible, and always attempt to tell the sysadmin what holes you used to get in so he can fix 'em before the next group of wanderers shows up.

I learned a lot about various operating systems during this phase. Where else would a protogeek in the early '80s be able to play with VMS and UNIX other than on someone else's machine through an X.25 network?

On software, yes, my friends and I cracked. We learned a lot of assembly language during this time. To this day, I still have, on a bookshelf, about half of Infocom's product line, and all of Sir-Tech's. I purchased every single box on that shelf. There were cracked Infocom games out there, but we ended up developing a crack that beat the "normal" crack by a country mile. We ended up admitting defeat on Sir-Tech's Wizardry; someone else published the crack that beat its nibble-counting scheme before we finished disassembling the code. (Then we just went back to playing it :)

But y'know what? We learned a hell of a lot about programming in the meantime. When we weren't cracking, we were writing our own code - versions of Life, adventure games, graphics hacks, whatever we felt like doing. We started off as crackers (of other people's software and the occasional system), and learned what we needed to know to end up as hackers (of our own software).

Someone posted an interesting comment on the intellectualcapital.com site - suggesting that today's crackers' efforts would be much better spent on using what's available to create something new, rather than idly DOSing web servers. I echo those sentiments. Nobody has to break into someone else's computer to have access to a modern operating system / compiler / better-than-a-1-MHz-8-bit-CPU. The power my friends and I once spent hours trying to get access to is now available to anyone, and it's available for free - as in beer and speech. Get out there and use it. If you must break into someone else's system, you've got the option of doing it as a friendly competition amongst your friends on your own network, a'la "Capture the Flag" at DEFCON. Besides being legal, it's a hell of a lot more challenging and fun when your opponent actually knows what he's doing!

(Yeah, yeah, I know I'm preaching to the choir here... but hey, isn't that half the fun of /.? :-)

Labels are for idiots

To my dying day I will never understand why a community with above-average intelligence and creativity will spend hours on end WHINING about the misunderstanding of the hacker/cracker term.

Its all junior high "I need to belong" bullshit.


I code C, I must be a Hacker/Geek.
I played varsity volleyball in college, I must be a Jock
I own a pickup, I must be a redneck

Take some pride in your indivdualality (sp?)
my name is jeff

Hacker vs. Cracker

[MythoBeast]

The history of the linux and open source movement has been plagued by the gap between what we, the coders, want to produce and what the general public (PHB's in particular) actually wants to use. I suspect that the terms "hacker" and "cracker" is another example of this. Maybe we should give up the attempt to convince the overwhelming majority that their opinion is wrong and come up with a term to replace "hacker" for ourselves.

Personally I favor the term "digirati", derived from literati.

Re:Hacker vs. Cracker

[mdxi]

I can't agree with you on this one...

Everyone I have ever seen who had the label "digerati" applied to them were the kind of people who think that WiReD is cool, describe themselves as "working in New Media" and generally like to talk about "the development of digital nervous systems" and "populating cyberspace" rather than actually DOING anything.

In other words, "digerati" is equivalent to "wannabe loser dork" in my mind and has been since I first saw it several years ago.

Also, am I the only one who thinks that using the preface "cyber" with anything other than recognized constructions like "cybernetics" which predate widespread popularity of the Internet a sure sign of loserhood? Just curious...

--

Re:Hacker vs. Cracker

[Xepo]

You're right, it will give us a certain "bad ass" quality to be known as hackers, but is that what we really want? All of the best hackers I've known have gone by a code of honor not to change anything on a remote system that they broke except the data that would allow them access back to the system, and the data that would keep them from being caught(logs, etc.). This dosen't exactly portray that we need a "bad ass" quality. Hackers themselves aren't out to hurt people, or damage systems and cause losses, they're out to explore and learn, its the script kiddies/crackers that are out to hurt/cause loss.

I completly agree with the idea of using a different name for hackers, but will the media begin using it? I don't really think it matters what we call ourselves, the media will still see anyone who can break into a system as a hacker.

Re:Hacker vs. Cracker

[TheRain]

This idea has been stated before here on slashdot. It could be benificial to do so (give it a new term) but the problem is we are not a democracy. There is no "official" term, and there will always be people who dissagree with the idea. So call it what you want, and everyone else will call it what they want.

Ah, so that's who did it.

[Chris+Burke]

As if the 80's weren't bad enough, now we can blame them for the current confusion on the issue of 'hacker'.

Think early 70's. Think MIT. A hack was a clever piece of code. To hack was to write clever pieces of code. A hacker was someone who hacked.

Sadly, at some point they gave in to your newbie BS (due to being outnumbered), and the common usage of the word was changed. Now people are just trying to change it back.

I like the old -origional- definition more. Sorry. Then again, like most hackers, semantics don't bother me much (just enough to post on /. -- big deal). I can figure out from context what someone means by 'hacker'.

Re:Ah, so that's who did it.

[Trepidity]

That still doesn't give you an excuse for misusing the term "cracker" to apply to people who break into systems. The term "hacker" applied to such people dates from the late 70s, which the term "cracker" to apply to such people dates from around 1985, according to the Jargon File.

Re:One last time...

[William+Wallace]

I'm not old school, but your definitions make
much more sense to me than the definitions that
CmdrTaco and some others throw around. Crackers
to me always implied people cracking software
protection as well.

Plus I'm sick of reading "They used the word
hacker incorrectly!!" for every single mainstream
post that is listed on /.

LET'S MOVE ON. It's pretty clear that hacker is
now synonymous with someone that *hacks* into a
computer system, for good or evil. What is the
point of dividing this up?

It's like trying to explain to someone that you
play the cornet, not the trumpet; the
euphonium, not the baritone; the english horn, not
the oboe. You drive a jeep, not a truck. You live
in a condo, not an apartment.

The important thing is: you KNOW what these people
are talking about; you know what they mean.

-WW
--
Why are there so many Unix-using Star Trek fans?
When was the last time Picard said, "Computer, bring

Glorification of crackers?

[CrazyLion]

I completely agree with this article. Portraing crackers as "cool" is hardly justifiable. I think the reason why its happening is because majority of people do not use internet for essential day to day activities. When people can't buy groceries because somebody chose to put "3l33t 5cr|pt" on the page - their attitude towards crackers would change very quickly.
Another argument I have a problem with is stating that crackers are good ebcause they show flaws in existing systems. Yet, I haevn't met anyone who would say that car thieves are doing a service to society because they show how inadequate car alarm are. Or murderers being praised because they show flaws in law enforcement system (yes, a crime very different in magnitude, but this is the same argument). Again, in my opinion internet is viewed differently from real world because people do not rely on it for living (well, the majority of people doesn't).

Re:One last time...

[Trepidity]

Using the term cracker to refer to people who break into computer systems is indeed "newbie BS," dating from around the mid 80s. Using the term "hacker" to refer to these same people dates from the 70s, and using the term "cracker" to refer to people who break copy protection dates from the early 80s at the latest, so both predate the Jargon File's circa 1985 misuse of the term "cracker."

Why the labels are important.

[CJ+Hooknose]

To my dying day I will never understand why a community with above-average intelligence and creativity will spend hours on end WHINING about the misunderstanding of the hacker/cracker term.

Let me try to explain, then... The actual names we have for things are extremely important, because the sound of the word as it's spoken, as well as the connotations the word has (if it's a word with several meanings, as "cracker"), tend to enforce a particular idea. GM found this out the hard way when they tried to sell the Chevy Nova south of the border--"No va"=="doesn't go" in Spanish. And I think "cracker" has failed in the mainstream press because it already has several other meanings, "big dumb redneck" being one of them.

Besides, being neurotic about labels and having the exact right name for something is a well-established computer-person trait. Having a compiler grind to a halt because of a missing ; or a call to "Printf()" may have caused this....

(All of this is, of course, just my misguided opinion.)

It's only comparble to graffiti

[garyrich]

Really. Most of the hacks he's talking about (and you are with your grocery example) are just high tech graffiti. As such it needs to be judged accordingly.

Nobody likes the plastering of gang signs over every surface that we see so often. If they go to jail for a few weeks for it - fine by me.

There is also the whimsical graffiti ("Frodo Lives!" in the NY subways many years ago).

There's also "political" graffiti. If someone paints "Saddam, Feed your People!" in 4 foot letters on a Iraqui gov't center, I can't call him a criminal. Maybe you can, I'm sure the Iraqis would.

At worst it's "misc. mischief" - a misdemeanor in
the US. It's not "vandalism". The graffiti gang member has to get access to the busyards to do his tagging (all right, add breaking and entering) and could just as easily have broken out all the windows and destroyed the busses. They don't, and niether do the script kiddies that put stupid messages on web sites. They deface, but don't destroy. Often (like the Seti hack of last week) they have even backed up previous content themselves - but anyone that doesn't have a good recent backup of a commercial site is a total moron.

Get over it. This is not car theft, murder, a threat to national security or any other silly BS. It's the trivial stuff kids do an have always done, just with new tools (spray paint was also a new tool). These kids should be grounded, their allowance taken away and have to clean up trash on the hiyway on the weekeds. And then we ---- MOVE ON.

garyr

The Number of hacks

[delmoi]

Have you ever noticed that whenever anyone starts to talk hacking, they always mention how the number of hacks is increasing, the number of breaking *doubled* since 1997 or whatever?
Is it just me, or is this completely natural, and expected? I mean the *Internet* itself is growing at an amazing rate, why should we expect that a property of networks, hacking, should become less relevant?
Saying that the number of break-ins has doubled in the past year is like saying that more people are murdered in LA than in Kelly Iowa (something like 300 people).
what this is, is FUD as far as I'm concerned, if you can't spit out some *relevant* numbers, then you don't deserve to be listened to (like the number of hacks/host, or the number of hacks/user. And if the *rate* of increase in hacking is higher or lower then the rate of growth of the Internet)
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

One of his comments...

[rnturn]

``For one thing, classified information is almost never on computers connected to public networks.''

... made me think to myself:

Who is the real criminal here: A)the cracker who breaks into a computer containing classified information that's connected to a public network or B) the jerk who allow the computer to be connected to the public network in the first place.

While the former is usually going to be found guilty of some sort of computer crime, IMHO, the latter is a clear violation of the regulations of any level of security clearance that I've heard about and is, I think, a felony. If any govt. agency allows this to happen and go unpunished or is stupid enough to not have a policy in place to guard against such a situation, that agency deserves to have information stolen.

Yah, yah, yah... I know. Just because the door isn't locked isn't an invitation to come in and vandalize the place. But how would you feel about a bank that left the vault unlocked? Would you have real pity for a jewelry store whose employees left the place unlocked while they went out to lunch?

The Norwegians have it right.

AFAIK only Norway has a sensible policy about computer intrusion: "if you link it, you assume responsibility for the links." If someone can post (in English, please?) real details about Norway's computer-intrusion laws I'd be grateful.

I will bet $.02 (the value of this post) that inside five years Norway develops an extremely capable computer security industry.

All this other chatter is just that. Sorry, but the Internet is not very regulable, and attaching moral stigma to creative play with the world's largest toy is doomed to failure; besides, it's like the grownups telling my generation not to do drugs. I can spare no pity for anyone who puts his pretty new Web site up on a leaky server. And yes, a server I'm responsible for was cracked. That was my fault, because at that time I knew almost nothing about Linux, or service ports, or firewalls. I learned.