Hackers Essay Research Paper The Computer UndergroundThe

Hackers Essay, Research Paper

The Computer Underground.

The beginning of the electronic communication revolution

that started with the public use of telephones to the emergence

of home computers has been accompanied by corresponding social

problems involving the activities of so-called “computer

hackers,” or better referred to as the computer underground (CU).

The CU is composed of computer aficionados who stay on the

fringes of legality. The CU is composed of relatively intelligent

people, in contrast to the media’s description of the ultra

intelligent and sophisticated teenage “hacker.” The majority have

in common the belief that information should be free and that

they have “a right to know.” They often have some amount of

dislike for the government and the industries who try to

control and commercialize information of any sort. This paper

attempts to expose what the CU truly is and dispel some of the

myths propagated by the media and other organizations. This paper

also tries to show the processes and reasons behind the

criminalization of the CU and how the CU is viewed by different

organizations, as well as some of the processes by which it came

into being. What the CU is has been addressed by the media,

criminologists, secuity firms, and the CU themselves, they all

have a different understanding or levels of comprehention, this

paper attempts to show the differences between the views as well

as attempt to correct misunderstandings that may have been

propagated by misinformed sources. The differences between the

parties of the CU such as, “hackers,” “crackers,” “phreaks,”

“pirates,” and virus writers have rarely been recognized and some

deny that there are differences thus this paper attempts to give

a somewhat clearer view and define exactly what each party is

and does as well as how they relate to one another.

Every individual in the CU has a different level of

sophistication when it comes to computers, from the height of the

advanced virus writer and network hacker to the pirate who can be

at the same level as a novice computer user. The prevalence of

the problem has been dramatized by the media and enforcement

agents, and evidenced by the rise of specialized private security

firms to confront the “hackers.” The average person’s knowledge

about the CU has been derived mostly from the media. The media

gets their information from former CU individuals who have been

caught, from law enforcement agents, and from computer security

specialists. The computer underground, as it is called by those

who participate in it, is composed of people adhering to one or

several roles: “hacker,” “phreaker,” “pirate,” “cracker,” and

computer virus developer. Terms such as these have different

meanings for those who have written about the computer

underground, such as the media, and those who participate in it.

The media’s concept of the Computer Underground is the main

cause of the criminalization of the activity and has largely

occurred as the result of media dramatization of the “problem”

(Hollinger and Lanza-Kaduce, 1988). In fact, it was a

collection of newspaper and film clips that was presented to the

United States Congress during legislative debates as evidence of

the computer hacking problem (Hollinger and Lanza-Kaduce, 1988,

p.107). Unfortunately, the media assessment of the computer

underground displays a naive understanding of CU activity. The

media generally makes little distinction between different types

of CU activity. Most any computer- related crime activity can be

attributed to “hackers.” Everything from embezzlement to computer

viruses have, at one time or another, been attributed to them.

Additionally, hackers are often described as being sociopathic or

malicious, creating a media image of the computer underground

that may exaggerate their ability for doing damage. The labeling

of the CU and especially hackers as being “evil” is well

illustrated by these media examples. The first is from Eddie

Schwartz, a WGN-Radio talk show host.

Here Schwartz is addressing “Anna,” a self-identified hacker

that has phoned into the show: You know what Anna, you know what

disturbs me? You don’t sound like a stupid person but you

represent a . . . a . . . a . . . lack of morality that

disturbs me greatly. You really do. I think you represent a

certain way of thinking that is morally bankrupt. And I’m not

trying to offend you, but I . . .I’m offended by you! (WGN Radio,

1988)

Another example is from NBC-TV’s “Hour Magazine” featured a

segment on “computer crime.” In this example, Jay Bloombecker,

director of the National Center for Computer Crime Data,

discusses the “hacker problem” with the host of the show, Gary

Collins.

Collins: . . . are they (hackers) malicious in intent, or

are they simply out to prove, ah, a certain machismo amongst

their peers? Bloombecker: I think so. I’ve talked about “modem

macho” as one explanation for what’s being done. And a lot of the

cases seem to involve proving that he . . . can do something

really spiffy with computers. But, some of the cases are so evil,

like causing so many computers to break, they can’t look at that

as just trying to prove that you’re better than other people. GC:

So that’s just some of it, some kind of “bet” against the

computer industry, or against the company. JB: No, I think it’s

more than just rottenness. And like someone who uses graffiti

doesn’t care too much whose building it is, they just want to

be destructive.

GC: You’re talking about a sociopath in control of a

computer! JB: Ah, lots of computers, because there’s thousands,

or tens of thousands of hackers. (NBC-TV, 1988)

The media’s obsession with the computer underground, that is

generally labeled as hacking, focuses almost entirely upon the

morality of their actions. Since media stories are taken from the

accounts of the police, security personnel, and members of the

computer underground who have been caught, each of whom have

different perspectives and 20 definitions of their own, the

media’s definition, if not inherently biased, is at best

inconsistent.

Criminologists, are less judgmental than the media, but no

more precise. Labels of “electronic trespassers”(Parker, 1983),

and “electronic vandals” (Bequai, 1987) have both been applied to

the CU’s hacking element specifically. Both terms, while

acknowledging that “hacking” is deviant, shy away from labeling

it as “criminal” or sociopathic behavior. Yet despite this

seemingly non-judgmental approach to the computer underground,

both Parker and Bequai have testified before Congress, on

behalf of the computer security industry, on the “danger” of

computer hackers. Unfortunately, their “expert” testimony was

largely based on information culled from newspaper stories, the

objectiveness of which has been seriously questioned (Hollinger

and Lanza-Kaduce 1988 p.105).

Computer security specialists, on the other hand, are often

quick to identify the CU as criminals. Similarly, some reject the

notion that there are different roles and motivations among the

computer underground participants and thereby refuse to define

just what it is that a “hacker” or “phreaker” does. John

Maxfield, a “hacker expert,” suggests that differentiating

between “hackers” and “phone phreaks” is a moot point, preferring

instead that they all just be called “criminals.” The reluctance

or inability to differentiate between roles and activities in the

computer underground, as exhibited in the media and computer

security firms, creates an ambiguous definition of “hacker” that

possesses two extremes: the modern-day bank robber at one end,

the trespassing teenager at the other. Thus, most any criminal

or mischievous act that involves computers can be attributed to

“hackers,” regardless of the nature of the crime.

Participants in the computer underground also object the

overuse and misuse of the word hacking. Their objection centers

around the indiscriminate use of the word to refer to computer

related crime in general and not, specifically, the activities of

the computer underground: Whenever the slightest little thing

happens involving computer security, or the breach thereof, the

media goes *censored*ing bat*censored* and points all their fingers at us

‘nasty hackers.’ They’re so damned ignorant it’s sick (EN,

message log, 1988). . . . whenever the media happens upon

anything that involves malicious computer use it’s the “HACKERS.”

The wor

card.” What someone should do is tell the *censored*en media to get it

straight (TP2, message log, 1988).

The difference between the different elements of the

computer underground has been generally obscured by the media.

Terms such as Cracker, Phreaker, Pirate, or Virus writer have

been generally replaced with the all encompassing word “HACKER”.

Each element is associated with the computer underground and some

are bigger players than others but none of them can qualify

individually as the total sum of all the elements. There are

major differences between the elements of the CU that is rarely

understood by someone on the outside.

The use of the word “hacker”, which is now generally

accepted to be part of the CU, has gone through drastic changes

in definition. “Hacker” was first applied to computer

related activities when it was used by programmers in the late

1950’s. At that time it referred to the pioneering researchers,

such as those at M.I.T., who were constantly adjusting and

experimenting with the new technology (Levy, 1984. p.7). A

“hacker” in this context refers to an unorthodox, yet talented,

professional programmer. This use of the term still exits today,

though it is largely limited to professional computing circles.

The computer professionals maintain that using “hackers” (or

“hacking”) to refer to any illegal or illicit activity is a

corruption of the “true” meaning of the word. Bob Bickford, a

professional programmer who has organized several programmer

conferences, explains:

At a conference called “Hackers 4.0″ we had 200 of the most

brilliant computer professionals in the world together for one

weekend; this crowd included several PhD’s, several presidents of

companies (including large companies, such as Pixar), and

various artists, writers, engineers, and programmers. These

people all consider themselves Hackers: all derive great joy from

their work, from finding ways around problems and limits, from

creating rather than destroying. It would be a great disservice

to these people, and the thousands of professionals like them, to

let some pathetic teenaged criminals destroy the one word which

captures their style of interaction with the universe. (Bickford,

1988).

The more widely accepted definition of “hacker” refers to one who

obtains unauthorized, if not illegal, access to computer systems

and networks. This definition was popularized by the movie War

Games and, generally speaking, is the one used by the media. It

is also the definition favored by the computer underground. Both

the members of the computer underground and professional

computer programmers claim ownership of “hacker,” and each defend

the “proper” use of term. However, since computer break-ins are

likely to receive more media attention than clever feats of

programming, the CU definition is likely to dominate simply by

being used more often.

A “computer hacker” could be defined as an individual,

associated with the computer underground, who specializes in

obtaining unauthorize access to computer systems. “Hacking”

refers to gaining access and exploring computer systems and

networks. “Hacking” encompasses both the act and the methods used

to obtain valid user accounts on computer systems. “Hacking” also

refers to the activity that occurs once access to another

computer has been obtained. Since the system is being used

without authorization, the hacker does not, generally speaking,

have access to the usual operating manuals and other resources

that are available to legitimate users. Therefore, the hacker

must experiment with commands and explore various files in order

to understand and effectively use the system. The goal here is to

explore and experiment with the system that has been entered. By

examining files and, perhaps, by a little clever programming, the

hacker may be able to obtain protected information or more

powerful access privileges. Once a hacker has managed to gain

access to a computer system he will generally try make sure that

his activities are hidden so that he can keep access on the

system. This is the difference between hacker and cracker. Unlike

the hacker a cracker is only really interested in “cracking” the

machine/system and once the feat is accomplished he is generally

disinterested and leaves, he could be called the tourist of

the hacking element. (Bill Landreth, Outside the Inner Circle)

Another role in the computer underground is that of the

“phone phreak.” Phone phreaking, usually called just “phreaking,”

was widely publicized when the exploits of John “Cap’n Crunch”

Draper, the “father of phreaking,” were publicized in a 1971

Esquire magazine article. The term “phreaking” encompasses

several different means of getting around the billing mechanisms

of telephone companies. By using these methods, long distance

phone calls can be placed without cost. In ma y cases the

methods also prevent, or at least inhibit, the possibility of

calls being traced to their source thereby helping the phreaker

to avoid being caught. Early phreaking methods involved electro-

mechanical devices that generated key tones, or altered line

voltages in certain ways as to trick the mechanical switches of

the phone company into connecting calls without charging. This

method of phreaking is generally called “(color) boxing,” where

the type of box is referred to by a color such as “blue boxing.”

However the advent of computerized telephone-switching systems

largely made these devices obsolete. In order to continue their

practice the phreaks have had to learn hacking skills. Phreaking

and hacking have just recently merged, because now, the telephone

companies are using computers to operate their network. So, in

order to learn more about these computers in relation to the

network, phreaks have learned hacking skills, and can now

program, and get around inside the machines (AF, message log,

1988).

For most members of the computer underground, phreaking is

simply a tool that allows them to call long distance without

amassing enormous phone bills. Because the two activities are so

closely related, with phreakers learning hacking skills and

hackers breaking into “telco” computers, reference is usually

made to phreak/hacking or p/hackers.” Those who have a deeper

and more technically oriented interest in the “telco” (telephone

company) are known as phreakers. They, like the hackers discussed

earlier, desire to master and explore a system that few outsiders

really understand: The phone system is the most interesting,

fascinating thing that I know of. There is so much to know. Even

phreaks have their own areas of knowledge. There is so much to

know that one phreak could know something fairly important and

the next phreak not. The next phreak might know ten things that

the first phreak doesn’t though. It all depends upon where and

how they get their info. I myself would like to work for the

telco, doing something interesting, like programming a switch.

Something that isn’t slave labor bull*censored*. Something that you

enjoy, but have to take risks in order to participate unless you

are lucky enough to work for the telco. To have access

to telco things, manuals, etc would be great (DP, message log,

1988).

Phreaking involves having the dedication to commit yourself

to learning as much about the phone system/network as possible.

Since most of this information is not made public, phreaks have

to resort to legally questionable means to obtain the knowledge

they want (TP2, message log, 1988). Most members of the

underground do not approach the telephone system with such

passion. Many hackers are interested in the phone system solely

to the extent that they can exploit its weaknesses and pursue

other goals. In this case, phreaking becomes a means and not a

pursuit unto itself. Another individual, one who identifies

himself as a hacker, explains: I know very little about phones .

. . I just hack. See, I can’t exactly call these numbers direct.

A lot of people are in the same boat. In my case, phreaking is a

tool, an often used one, but nonetheless a tool (TU, message log,

1988).

In the world of the computer underground, the ability to

“phreak a call” is taken for granted. The phone companies

allowance the use of the credit cards for billing has opened the

door to wide-scale phreaking. With credit cards, no special

knowledge or equipment is required to phreak a call, only valid

credit card numbers, known as “codez,” are needed to call any

location in the world. This method of phreaking is generally

called “carding,” it is generally looked on as the lowest form of

phreaking as almost no technical skill is necessary. Another

role in the computer underground is that of the software pirate.

Software piracy refers to the unauthorized copying and

distribution of copyrighted software. This activity centers

around computer bulletin board systems, and parts of the internet

that specialize in “warez.” Pirates and phreak/hackers/crackers

do not necessarily support the activities of each other, and

there is distrust and misunderstanding between the two groups. At

least part of this distrust lies in the phreak/hacker perception

that piracy is an unskilled activity. A possible exception to

this are those pirates that have the programming skills needed to

remove copy protection from software. By removing the program

code that inhibits duplicate copies from being made these

individuals, which also go by the name “crackers,” contribute

greatly to the easy distribution of “warez.” While p/hackers

generally don’t disapprove of piracy as an activity, especially

“cracking pirates,” they nevertheless tend to avoid pirate

bulletin boards and internet sites partly because there is little

pertinent phreak/hack information contained on them, and partly

because of the belief that pirates indiscriminately abuse the

telephone network in pursuit of the latest computer game. One

hacker illustrates this belief by theorizing that pirates are

responsible for a large part of credit card fraud. The media

claims that it is solely hackers who are responsible or losses

pertaining to large telecommunication companies and long distance

services. This is not the case. We are (hackers) but a small

portion of these losses. The rest are caused by pirates and

thieves who sell these codes to people on the street (AF, message

log, 1988). Other hackers complain that uploading large

programs frequently takes several hours to complete, and it is

pirate calls, not the ones placed by “tele-communications

enthusiasts” (a popular euphemism for phreakers and hackers) that

cost the telephone industry large sums of money. However, not all

pirates phreak their calls. Phreaking is considered “very tacky”

among elite pirates, and system operators (Sysops) of pirate

bulletin boards discourage phreaked calls because it draws

attention to the system when the call is discovered by the

telephone company.

For the average computer user the most feared of the

computer underground is that of the computer virus creator. Among

the CU computer viruses are generally referred to as “viri.”

Computer viruses are in themselves a very specific type of

program but to the novice or low sophistication computer user,

which the majority are, they are any program that can take over,

damage or otherwise infiltrate, a computer. Program that qualify

as “trojan horses,” “logic bombs,” or “worms” are often just

called “viruses.” A virus is a self-replicating program that is

capable of carrying a destructive or otherwise annoying payload

while a “trojan horse” is a program that allows easy access to an

already-penetrated system. It can also be used to facilitate a

penetration by being tagged to a legitimate program so that when

the host computer runs the program the trojan put itself in a

position to allow the designer easy access. “Logic” or “time

bombs” are similar to the trojans except that they wait for a

specific circumstances or time to detonate a harmful payload.

Logic bombs are often incorporated into a virus, if it is of

the destructive variety, as their destructive payload. The “worm”

is the most similar to a virus in that it also replicates, but it

is generally designed to infect idle workstations or terminals

on a network. Worms tend to exist in memory and are non-

permanent, one must simply reboot to remove them, while the virus

resides on disk where they are permanent until eradicated.

There are two main types of virus writers, people who’s main

purpose is to create havoc for the computer user doing everything

possible to spread their viruses. Then there are the people who

aren’t interested in spreading their viruses but rather creating

them as a mental exercise that involves figuring out better ways

to evade detection or further empower their programming skills.

The latter will often be composed of software engineers and

highly skilled programmers while the primary tends to be a

younger age group who are relatively unskilled in comparison. An

example of this is a teenage viri writer called “Little Loc” who

“wanted to be the most dangerous virus writer in American,” and

attempted to prove it by writing a virus that became wide spread

and know as the Satan Bug. On the other hand there are writers

like “Screaming Radish,” who is Windows-application developer

from Australia, his purpose in virus development is not

destructive but rather to gain a better understanding of how

anti-virus software works. He likes to “reverse-engineer” anti-

virus software taking them apart to study what signatures it

scanned for and what the software excludes from it’s scrutiny.

Viruses made with that level of sophistication are becoming a

type of digital currency in the computer underground where one

can use them to trade for other information. (Jan Smith, 1994)

Mark A. Lugwig, the writer of virus tutorials, had this to say:

It is inevitable that these books will offend some people. In

fact, I hope they do. They need to. I am convinced that computer

viruses are not evil and that programmers have the right to

create them, posses them and experiment with them. That kind of a

stand is going to offend a lot of people, no matter how it is

presented. Even a purely technical treatment of viruses which

simply discussed how to write them and provided some examples

would be offensive. The mere thought of a million well armed

hackers out there is enough to drive some bureaucrats mad. These

books go beyond a technical treatment, though, to defend the idea

that viruses can be useful, interesting, and just plain fun.

That is bound to prove even more offensive. Still, the truth is

the truth, and it needs to be spoken, even if it is offensive.

Morals and ethics cannot be determined by a majority vote, any

more than they can be determined by the barrel of a gun or loud

mouth. Might does not make right.

The mass media has tended to sensationalize hacking, whilst

soundly condemning it. But there other points of view: for

example, in many instances the breaching of systems can provide

more effective security in the future, so that other (presumably

less well-intentioned) elements of the CU are prevented from

causing real harm. A good llustration of this was the

penetration of British Telecom’s electronic mail system in

1984, by Steven Gold and Robert Schifreen, which resulted in a

rude message being left in none other than the Duke of

Edinburgh’s account! This incident attracted enormous publicity

and led directly to improved security arrangements for the whole

of the Prestel system. Gold and Schifeen were therefore extremely

indignant at being treated as criminals – and this illustrates

the discrepancy between what the law considers to be criminal

behavior and how the CU often perceive themselves. (The

Australian, 1988)

We might therefore ask ourselves whether, for the sake of

balance, a truly democratic society should possess a core of

technically gifted but recalcitrant people. Given that

more and more information about individuals is now being stored

on computers, often without our knowledge or consent, is it not

reassuring that some citizens are able to penetrate these

databases to find out what is going on? Thus it could be argued

that the CU represent one way in which we can help avoid the

creation of a more centralized, even totalitarian government.

This is one scenario the CU openly entertain. Indeed, we

now know that at the time of the Chernobyl nuclear power station

disaster in the former Soviet Union, hackers from the Chaos

Computer Club released more information to the public about

developments than did the West German government itself. All of

this information was gained by illegal break-ins carried out in

government computer installations.Bibliography

REFERENCES

The Australian, 1988, January 26, Hackers found guilty after

cracking Duke’s codes. April 29, Lords clear British Hackers.

Best, Joel and David F. Luckenbill. 1982. Organizing Deviance.

Englewood Cliff, New Jersey: Prentice-Hall.

Bequai, August. 1987. Technocrimes. Lexington, Mass.:Lexington

Books.

Bickford, Robert. 1988. Personal communication to Gordon Meyer.

Chicago Tribune. 1989. “Computer hacker, 18, gets prison for

fraud.” Feb. 15:2,1.

Compuserve Magazine, 1994, Viruses: Gone or just forgotten?

Forester, Tom and Morrison, Perry, 1990, Computer Ethics,

Cautionary Tales and Ethical Dilemmas in Computing.

Hollinger, Richard C. and Lonn Lanza-Kaduce. 1988. “The Process

of Criminalization: The Case of Computer Crime Laws.”

Criminology 26:101-126.

Levy, Steven. 1984. Hackers: Heroes of the Computer Revolution.

New York: Dell Publishing.

Message Logs from a variety of computer underground bulletin

board systems, 1988-1989.

NBC-TV. 1988. Hour Magazine. November 2, 1988.

Bill Landreth, 1985, Outside the Inner Circle. Microsoft

publishing

Parker, Donn B. 1983. Fighting Computer Crime. New York: Charles

Scribner’s Sons.

Rosenbaum, Ron. 1971. “Secrets of the Little Blue Box .” Esquire

October, pp. 116-125.

Small, David. 1988. Personal communication to Gordon Meyer.

WGN-Radio. 1988. Ed Schwartz Show. September 27, 1988.