Inside the Hacker's web: Observer
From: "John Armitage" <j.armitage@technologica.demon.co.uk>
Date: Mon, 14 Feb 2000 13:22:35 -0500
[: hacktivism :]
see http://www.mixter.void.ru/
for more info
Inside the hacker's web
The computer genius whose virus crippled global websites has defended his
creation.
Arnold Kemp and Burhan Wazir
Sunday February 13, 2000
The Observer
The man who calls himself Mixter is a German who has been in trouble with
the law, but claims to be on the side of the angels. He is the inventor of
the cyberweaponry which last week brought chaos to at least seven of the
world's most important websites.
In an electronic interview with the New York Times, Mixter, who identified
himself only as a 20-year-old German from the Hanover area, said last
week's attacks had been 'stupid and pointless'.
He defended his publishing of the cyber disruption program 'Tribal Flood
Network' on the Internet four months ago as a necessary step in the
evolution of defensive measures which the Web must develop against the
army of black-hat (malign) hackers motivated by mischief, spite, greed or,
more honourably, by a desire to keep the Internet free from commercial and
political control.
While Mixter said he was 'not trying to play down the negative aspects and
dangers of this decision', he called last week's attacks 'an inevitable
price to pay to be able to develop counter-measures and fixes'.
He said that security sites on the Internet were posting details which
meant that 'everyone has an equal chance of informing himself about them
and coming up with counter-measures'. This was 'only fair' because
everyone on the Net could be affected by security issues.
But security experts, and even other hackers, criticised his explanation
as disingenuous. One said it was like 'leaving a loaded gun in a room full
of kids'.
Significantly, two of the computers believed to have been used to launch
the 'denial of service' attacks - so called because they swamp target
sites with millions of messages, causing them to crash - were located at
universities in California, spiritual home of the Web as a liberating and
democratic force.
A desktop computer at the University of California at Santa Barbara was
used for the attack on CNN on Tuesday, while eBay was hit the same day by
data transmitted in part from an Internet router at Stanford University.
Investigators were also 'zeroing in' on locations in Oregon. Another
source was said to be a computer in Germany, since disconnected.
The US Justice Department wants much tougher penalties for malign or
mischievous hacker attacks. FBI investigators - spurred on by the direct
interest of President Clinton, who has called a 'summit' in Washington
this week - are searching for the origins of the attacks.
The 'cybervandals' planted 'daemons' (disk and execution monitors) on
hundreds of unwitting 'zombie' computers. They were programmed to launch
'co-ordinated packet flooding denial of service attacks'.
The US National Infrastructure Protection Centre posted a warning about
'Tribal Flood Network' earlier this month. It said it was 'highly
concerned' because it had been reported on so many systems and appeared to
be 'undergoing active development, testing and deployment'.
Mixter is one of thousands of computer virtuosi who inhabit an ambiguous
world in which good may masquerade as evil and vice versa.
The computer industry has an established tradition of hiring 'tiger teams'
of professional hackers who attack systems to test their security.
But that tradition has grown to embrace unauthorised attacks in which
programmers find a way to invade or cripple a system, publish the details
of the vulnerability and often accompany them with software that exploits
the weakness.
The terms 'white hats', 'black hats' and 'grey hats' are used to classify
hackers, but the lines are often vague. White-hat hackers grew out of the
tiger teams. Since the Seventies, a number of US government laboratories
have deployed special groups of employees who try to bring down systems in
'digital war games'.
Charles Palmer, manager of network security and cryptography at IBM
Research, leads a squad of white hats who are paid by companies to attack
their computer systems.
'A white hat does it when asked, under contract, with a "Get out of jail
free" card,' Palmer said. 'We'll do the job, evaluate it, and tell the
customer what we're doing.'
The grey-hat hackers straddle both worlds, sometimes acting like malicious
hackers but in pursuit of some greater good, real or imagined.
Mixter says he is a grey-hat hacker who recently turned white hat. He said
the conversion came when he crossed a few 'legal borders' in 1998 and 1999
and fell foul of German law officials.
Now, Mixter said, 'I am a white hat, the definition meaning that I am
trying to contribute to improving security by doing what I do, and
completely acting within the law and hacking ethics.'
Mark Rasch, a former federal prosecutor who is now a vice-president at
Global Integrity, a computer security consulting firm in Reston, Virginia,
said: 'There's always been a hacker ethos, and even the bad guys have
thought there are some things you can do and some things that are off
limits.
'I think we've reached a point where this kind of activity is almost
universally decried as being off limits.'
Still, he added, even if Mixter had posted with the intent that attackers
would use them, 'it's wrong, but probably not a crime'.
A member of the hacker group Cult of the Dead Cow, who goes by the handle
Death Veggie, condemned the attacks as 'digital vandalism'.
'It doesn't take any skill, and it's purely destructive,' Death Veggie
said. 'Once a hacker starts becoming really destructive, they stop being a
hacker and become a criminal.'
Yet the Cult of the Dead Cow itself produced a program that enables a
hacker to control another computer from a remote location.
Palmer consorts with such groups but refuses to recruit from their ranks,
even if they claim to have gone straight. 'I don't hire reformed hackers
because, let's just say, I've never really found one,' he said. 'It's like
hiring an arsonist to be your fire marshal. Can you ever really sleep at
night?'
At the same time, Palmer occasionally attends Defcon, an annual three-day
hacker gathering in Las Vegas. He said: 'A lot of these guys get enough
money to keep them in pizza. So many of them are so talented and a lot of
these kids are absolutely gifted.'
Rasch, who was the lead prosecutor in a high-profile computer crime case
from 1988-90, said he did not entirely agree with his former employer, the
Justice Department, which is calling for stiffer penalties.
'There isn't a single case that we can point to and say, "If only the
penalties were greater, the person would not have done this",' he said.
The denial of service attacks did not compromise data or sensitive
commercial information like credit card details. But perceptions of
Internet security took another hit on Friday when a small California
Internet company said an unrelated hacker attack on its system last week
had apparently gained access to consumer credit card numbers.
RealNames, a business in San Carlos, California, said the extent of the
damage was hard to assess because the attack had come through mainland
China, and the connection appeared to have shut down while the hackers
were downloading data.
'Our best guess is that this was done by a traditional hacker, whose goal
is not to steal but to prove that he has the ability to steal,' said
RealNames chief executive Keith Teare, whose company sells an Internet
address system.
Clinton's summit is expected to increase co-operation in a young industry
that is growing fast but has not made security a priority. The industry,
in turn, wants to give advice to federal regulators who are seen as too
unsophisticated.
Additional reporting by Katie Hafner of the New York Times
What drives the digital destroyers
White-hat hackers
Since the Seventies, government laboratories and some corporations have
deployed special groups of employees who test computer security by trying
to compromise a system or bring it down in 'digital war games'.
Black-hat hackers
Adhere to the philosophy that information should be free - including
information about security weaknesses. For these people, 'breaking into a
system or exposing its weaknesses is a good thing because truth and
knowledge must win out,' says Dan Farmer, a network security specialist.
Grey-hat hackers
These straddle both worlds, sometimes acting like malicious hackers, but
in pursuit of some greater good, whether real or imagined.
Three days of web mayhem
Hackers paralysed seven service providers last week with a blizzard of
signals.
Monday: Yahoo
Tuesday: CNN, eBay, Buy.com, Amazon
Wednesday: E*Trade, ZDNet