Islands in the Clickstream. In Defense of Hacking. Feb 23 2000

[richard@thiemeworks.com]

[: hacktivism :]

The following article was published in the Village Voice, February 16 - 22, 2000 
and the LA Weekly under the title "Hacking the Future."

Islands in the Clickstream:
In Defense of Hacking 


Let's get our definitions straight. Last week's attacks on dozens of Web sites
were not the work of hackers. They were the work of script kiddies, and the
difference is everything. Script kiddies download ready-made tools and use them 
to damage the network. Script kiddies criminally distort the essential ethos of
hacking, which is to pass through the network without a trace. Hackers read the 
unknown, sense the contours of the codes that make tomorrow's booms and busts. 

It's no wonder that last week hackers everywhere cringed when the media confused 
them with script kiddies. Not less than 10 years ago, the word hacker conjured a 
dedicated geek, hunched over a glowing terminal, working late into the night to 
solve an intractable dilemma. Now hacker means something akin to cybercriminal. 
The semantic shift is regrettable, not only because the distortion inhibits 
clarity, but because it buries a piece of history we'd be wise to keep fresh: It 
was hackers who cobbled together the Internet. 

Hacking is a quest for knowledge. You can see the essence of the activity in 
meetings at security firms like Secure Computing, where hackers are a key part 
of the professional services team. With clients in the Fortune 500 and 
three-letter government agencies, like DOD and NSA, the stakes are high, and 
when the firm faces a perplexing problem, brainstorming sessions go late into 
the night. Ideas fly from one person to another like pinballs off flippers, as 
the group mind turns over and examines the puzzle from all sides. 

The concept of a "group mind" flows from the structure of the Internet itself,
parallel processor harnessed to parallel processor to achieve a single goal. 
It's no coincidence that information technology professionals often think in a 
style similar to the way computers calculate. The network taught them how to 
reason digitally; it imprinted itself on their minds just as they imprinted 
their minds on it. 

Is it any wonder, then, that hackers are the leaders of the new millennium? By 
leader I mean someone who forges ahead and names the emergent realities of the 
dim future. Consider Tim Berners-Lee, who designed the first Web protocols and 
wrote the first browser code. Berners-Lee was a hacker. Or consider Richard 
Stallman, the evangelist of Open Source software. Stallman is an extraordinary 
hacker. 

I recently consulted with a major mutual fund, and after the meeting I traded 
war stories with its head of IT. He fondly recalled the old days of hacking Unix 
systems. That this former "delinquent" now runs a system executing 
billion-dollar transactions is not shocking. Most of the bright people in the IT 
business learned how to hack by-what else?-hacking. 

Let's go back to Open Source for a moment. It's now the conventional wisdom that
the Linux operating system and GNU Project are miracles of modern computing,
which may one day triumph over the clunky software produced by the
Microsoft-Apple cartel. Stallman launched the GNU Project by asking hackers to
volunteer their services. Of course, they did. Likewise, Linux was founded on 
the belief that complex systems must be open, evolving, and free in order to 
reach their ull potential. In other words, they must be hackable and they must 
be hacked. Continuously. 

Now comes the FBI and President Clinton with criminal sanctions for these script
kiddies. It's right and just to keep the peace, but let's remember that in the
Internet's embryonic stage, hacking, far from being criminal, was encouraged.
When computers were first networked through telephone lines and slow modems,
bulletin boards emerged as crossroads where cybertravelers could leave messages
and valuable information about how the phone lines intersected with
microprocessors. By these postings, the network formed a symbiotic relationship
with its users, and through the give and take of countless exchanges between
hackers, the network bootstrapped itself to a higher level of complexity. As Tom
Jackiewicz, who helps administer upt.org, an outgrowth of the hackers' favorite, 
the UPT Bulletin Board, recalls, "In the old days of a decade ago, no kid could 
afford a Solaris workstation. The only machines available were online. You could 
learn only by roaming the network." 

Today the stakes are higher, security tighter, but the basic modalities of 
hacking and its relationship to innovation remain. The challenge du jour is the 
gauntlet thrown down by Microsoft, which claims that Windows NT, the operating 
system of many businesses, is secure. What a claim! For a baseball fan it would 
be like hearing the Yankees brag that they could play an entire season without 
losing a single game. Hackers love to find flaws in Windows NT. For them, the 
payoff is the power rush of the thunk! when the stone hits Goliath in the 
forehead. 

One of the sharpest stones to leave a hacker's sling is a program called Back 
Orifice 2000. Developed by a group called Cult of the Dead Cow, the program can 
be loaded stealthily on a Windows network, giving a remote user control over the 
network. Why develop such a weapon? In the current environment of ubiquitous 
distributed computing-that is, networks and nodes everywhere-the hackers argue 
that no operating system protects against stealthy executables like Back 
Orifice. So the program is a form of shock therapy. It jerks Microsoft into 
action, stirring an  indolent industry into making the Internet more secure. The 
upgrades that come as a result benefit every Windows user. 

As a culture we are just beginning to recognize this dynamic. One of the first
hacker groups to benefit from our grudging acceptance of the craft is LOpht, 
which crossed over from the computing underground to the mainstream after 
finding flaws in Windows NT. Their transition has been so successful that when 
Congress conducted an investigation into Internet security it asked two LOpht 
members, Mudge and Weld Pond, to come to Washington for a briefing. Now LOpht 
has teamed up with former Compaq Computer executives to form @Stake, a security 
firm that has the media and Wall Street swooning. 
                  
So when is a hacker not a felon? When he receives $10 million in venture 
capital? When Congress invites him to a hearing? 

When we lump all hackers into a criminal class we are liable to forget their 
essential role as architects of the information age. Edward O. Wilson said that 
scientists are characterized by a passion for knowledge, obsession, and daring. 
Hackers share that passion, the hunter-gatherer gene for restless wandering, 
wondering what's beyond the next hill. They hack because it's fun, because it's 
a challenge, and because the activity shapes their identity. Their 
strengths-love of risk, toleration of ambiguity, and ability to sift meaning 
from disparate sources-power the very network we all rush to join.


**********************************************************************
            
Islands in the Clickstream is an intermittent column written by
Richard Thieme exploring social and cultural dimensions 
of computer technology and the ultimate concerns of our lives.
Comments are welcome.

Feel free to pass along columns for personal use, retaining this
signature file. If interested in (1) publishing columns
online or in print, (2) giving a free subscription as a gift, or 
(3) distributing Islands to employees or over a network, 
email for details.  

To subscribe to Islands in the Clickstream, send email to
rthieme@thiemeworks.com with the words "subscribe islands" in the
body of the message. To unsubscribe, email with "unsubscribe
islands" in the body of the message.

Richard Thieme is a professional speaker, consultant, and writer
focused on the impact of computer technology on individuals and
organizations - the human dimensions of technology and work - and 
"life on the edge."

Islands in the Clickstream (c) Richard Thieme, 2000. All rights reserved.

ThiemeWorks on the Web:  http://www.thiemeworks.com and 
http://www.richardthieme.com

ThiemeWorks  P. O. Box 170737  Milwaukee WI 53217-8061  414.351.2321
*********************************************************************


[: hacktivism :]
[: for unsubscribe instructions or list info consult the list FAQ :]
[: http://hacktivism.tao.ca/ :]