Cracking the Code of Ethics


In the spare halls of WBAI’s new offices on Wall Street, a few hackers loiter around, talking to one another about the newest digital phones, the bureaucratic nuances of Bell Atlantic, and what to eat for dinner (either upscale diner or Mexican). It’s Tuesday night; they’re waiting for Emmanuel Goldstein (a/k/a Eric Corley), host of the hacker radio show Off the Hook and editor of 2600: The Hacker Quarterly. One, a middle-aged man wearing glasses and a baggy, ill-fitting suit, sits on a bench near the front door listening to the wall-mounted speaker project a human voice. The inner cone of the speaker appears to have a little tear, turning consonants into a static-sounding lisp. “The SH-I-A has many oberatives in that hountry,” the voice comes over. “What we have here is a hovert strike assault.” They’re tuned in to Expert Witness, a radio show about clandestine military operations and spy technology, which airs every Tuesday night just before Off the Hook.

“These guys are the real hackers,” says the man sitting on the bench, about the CIA operatives and post­Cold War spies. “We just hack esoteric things, like phones and computers.”

But these days, there’s much debate about what a “real” hacker is. Usenet’s alt.2600 and alt.hackers play host to constant flame wars about just who is and who isn’t. A typical post goes something like this: “Can someone tell me how I can get a wardialer [a program that dials random numbers until it finds one hooked up to a computer]?” To which the typical response is: “Get a life. First try to learn something about computers then come back with some real questions. We got to get rid of these wannabe hackers.”

Within what was once a cipher of people guided by a single code or ethic, clashing philosophies have emerged. The explosion of the Internet and the rush to get a computer in every home, classroom, and office has made every 15-year-old kid with a modem a potential hacker, of sorts. By some accounts, this fragmentation of the hacker community has spawned a new breed of more dangerous hackers, leaving the traditionalists to slowly die out.

“There are definitely divisions and now there are all types of hackers,” says J. P. Vranesevich, who runs, which publishes information about security holes in programs as well as the latest hacker attacks. He breaks it down into “traditional hackers like Emmanuel Goldstein”; “hackers for profit” like Vladimir Levin, who stole $4 million from Citibank and was rumored to have ties to the Russian mob; and hackers whose playgrounds include foreign government networks, such as Israeli Ehud Tenebaum, a/k/a Analyzer, who hacked the Department of Defense computers and was described by Bibi Netanyahu as “damn good” but “very dangerous.” “It’s all changing now,” Vranesevich says. “There are split motivations.”

“Bullshit,” responds Goldstein, when asked if he thinks the hacker community is fragmenting. “All we’re seeing are the youths who are breaking into systems. We’ve had that before. It was just smaller then.”

Goldstein means the ever growing grade known as “script-kiddies,” or wannabes who troll around the Net and co-opt the old “scripts” or programs of other hackers, which allow them to infiltrate a computer system, download credit-card numbers, or logjam a network. (The most famous script to date is AOL4Free, which gave free AOL access by generating a false credit-card number based on a simple algorithm. Later versions of this script enabled wannabes to find real credit-card numbers of AOL members.)

“These kids don’t really have any skills,” says Deth Veggie of cDc, one of the oldest hacker crews around. “Since they didn’t learn it for themselves they don’t respect the system they’re infiltrating. And so they steal things and download files, which a real hacker would never do.”

To find out what a real hacker is, it’s useful to consult the Jargon File, a compendium of hacker slang started by Raphael Finkel of Stanford’s Artificial Intelligence Lab back in 1975. The File has been updated numerous times and has been handed down to various editors the same way hackers share and constantly modify program codes. According to Jargon File 4.0.0, a hacker is “a person who enjoys exploring the details of programmable systems.” Also: “A malicious meddler who tries to discover sensitive information by poking around.” This last definition has a new editor’s note, reading: “deprecated.”

According to a study released earlier this year by the Computer Security Institute and the FBI, however, malicious hacks are on the rise. Sixty-four percent of the companies surveyed reported computer security breaches within the past year, a 16 percent increase over the year before. And 47 percent of these attacks resulted in theft of data, financial fraud, or sabotage. Though there are no statistics on exactly how many hackers are surfing the Net, it is clear that there are more of these “malicious meddlers” than ever before.

“I don’t see it as an alarming trend,” says Route of Phrack, an electronic hacker publication founded in 1985, just after 2600. “The hacker world is a mirror of society. And we’ll have these bad elements like any society. It’s just that nobody knows what we’re really about.”

This public relations trouble is caused in part by the disproportionate amount of media attention bestowed on hackers like Tenebaum and Kevin Mitnick, who has been in jail since 1995 awaiting trial on charges of stealing 20,000 credit-card numbers— and who will be portrayed by Skeet Ulrich in a forthcoming Miramax film.

Many of the traditional cadre of hackers have complained that the media like to focus on people like Mitnick and “clump us together with those guys,” says Hosaka, founder of r00t, another hacker crew. “R00t doesn’t do things like that. We don’t ‘hack’ in that way. All we’re about is hanging out, exchanging information, and teaching each other new things. If you want to break something, go out and buy it, then break it. Don’t break other people’s work.”

These sentiments, shared by many of the hacking world’s sizable old guard, have increased the tension over the already contentious Mitnick issue, which many hackers point to as evidence of fragmentation. Although just about everyone agrees Mitnick has been held in jail for too long without a trial, many think he should face the consequences. “He did do bad things and break the law,” says Tom Jackiewicz, a/k/a invalid, of UPT, an old hacker BBS. “He should pay for his crimes.” But Goldstein disagrees, and has campaigned heavily for a speedy trial. “Mitnick is not someone who belongs in prison,” he claims.

The recent hack of the New York Times Web site— where the words “Free Kevin” were graffitied by a crew calling itself Hacking For Girlies (HFG)— has also become a point of contention.

“It was wrong,” says Hosaka. “On the Internet you have the ability to display what you want, so put up your own site.”

Still, some think it was “pulled off pretty well,” according to Deth Veggie. “My impression is that it was done more to send a message than just to say, ‘Look, we hacked a Web page!’ which is what [these types of hacks are] mostly about.”

The Times is considering the incident a criminal act and the FBI is investigating. Although Web page hacks are usually within the purview of newbie hackers, one hacker source says he knows that “this was done by a hacker from the old guard.”

Perhaps it was not simply a statement about the Mitnick case but a call for the old guard to reclaim media attention, showing everyone that they still exist.

One of five articles in our Cyber feature.