Sociology and the Internet – Spring 1999

The popular definition of a hacker has a negative connotation in today’s society, but computer hackers aren’t criminals by their definition of the word. Their definition deals with how someone approaches an activity in life, not just when dealing with computers. Hackers feel a certain depth of commitment and an enhanced level of excitement at hacking a system. Hacking basically means learning all there is to know about a system, becoming immersed in the system to the point of distraction, and being able to fix the system if it breaks.

Hackers basically want to know how a system they find interesting works. Most are not interested in making money or seeking revenge, although certain hackers do cross that line to become what the hacker community calls crackers. Computer hackers become outraged when they are compared with these vandals and criminals the popular media now calls hackers (instead of crackers). For the sake of this paper I am going to be focusing on crackers, as that was the group that I studied, and I will also be referring to them as hackers. Hopefully this paper will give you a little more insight on what the hacker/cracker community is all about.

Most of the hackers (I would estimate over 90%) on the Internet are not malicious. Most of the time when a hacker gains access to a system they will just leave a little sign that they were there and leave things pretty much the same as before they were there. This can be in the form of a web page, a small file saying they were there, or maybe even some type of executable file (such as one that pops up everytime a person logs on to a system that displays some message the hacker wrote). To this group, hacking is kind of like a sport, where each hack is sort of like a trophy. They try to gain access to the biggest or the most systems just like a trophy game hunter. The rest of the hackers tend to be malicious and hack in order to gain access to data they normally wouldn’t have, destroy data, and to try and bring down a system or a network. These are the hackers that you usually read or hear about in the news.

Probably the most sacred thing to a hacker is his or her anonymity. A person can remain unknown on the Internet with hardly any effort at all, so this makes the perfect home for hackers. Many hackers to come up with their own nicknames so that they have some way to lay claim to their exploits. The worst thing that could happen to a hacker is for the real world identity to be found out. This would be comparable to a person on the run from the law being found out by the authorities.

The hacker community primarily exists over the Internet because the Internet is the most convenient way for them to gather and exchange information. One of the largest sources of hacking information is Usenet. The largest and most extensive newsgroup on hacking would have to be alt.2600.hackers. This group gets hundreds of posts daily and gets posts about every aspect of hacking. This newsgroup is also where many hackers go to brag about their hacks and other accomplishments. If a hacker needed to find out the latest utility that was available for finding out other users passwords, they could read the postings in this group and probably find it.

Usenet is not the only way to get the latest hacking hints and tricks. The most convenient would probably be the World Wide Web. One of the most extensive web sites around showing most of the latest hacking exploits around for every major operating system and network packages is at http://www.technotronic.com/. This site was designed for system administrators and security programmers so that they could be made aware of what methods hackers were using. This site gives the fix on how to prevent the hacks. The site not only has all of the patches to the hacks, but it also has the actual code for the actual hacks themselves. Since not every system administrator has the time to keep their system completely up to date, they are leaving the door wide open to hackers. All a hacker would have to do is simply get one of the hacks off of this site and then test it out on different systems until they find one that isn’t protected.

The are hundreds and hundreds of web sites devoted to hacking. A person could go to any popular search engine, type in hacking and come up with a list of invaluable hacking web sites. As a matter of fact there are even search engines that are strictly devoted to hacking such as http://astalavista.box.sk/ and http://www.kaboo.123hostme.com/hackme/mattindex.HTM. There is also a site devoted to tracking and showing off many hacker exploits. The site is http://www.antionline.com/ and they specialize in capturing what system was hacked, by whom, and they also show you the actual hack itself.

Another way that hackers use the Internet to communicate with each other is through chat rooms using Internet Relay Chat (IRC). The are hundreds of chat rooms devoted to hacking on the three main IRC networks (Dalnet, Efnet, and Undernet) and countless others on the smaller chat networks. In these chat rooms hackers can simply ask someone how to do something and get almost instant feedback, instead of having to search the web or reading through newsgroups.

Hackers tend to work alone but sometimes they team up to form a group. Usually the groups say that they are fighting a worthy cause and sometimes they do it just to spite another group. A few groups stand out as elite, as they have done some of the biggest hacks around. Hacking for girliez (H4gls) is most known for their hack of Yahoo.com, but has also hacked other sites including: greenpeace.org, slashdot.org, rootshell.com, www.hq.nasa.gov, and nytimes.com. A few other famous hacking groups are the Masters of Download (M0D) and the Lordz of Download (L0D).

Many of these hacking groups rally around the fight to free Kevin Mitnick. Kevin Mitnick was a solo hacker who was able to hack into what was believed to some of the most secure sites out there. He was even able to hack his way into Motorola’s security expert’s personal computer and leave him a little "I was here" message. He was eventually caught and put in jail where he is now in pretrial detention without bail, a bail hearing, and without having been convicted for over four years. The government has finally set a sentencing hearing date for this summer. Meanwhile hackers around the world tirelessly fight for his freedom, looking up to Kevin as the hacking pioneer. Many hackers put the following banner on all over their webpages, and it is linked to the Kevin Mitnick web page.

Some hackers specialize in creating computer viruses that are designed to wreak havoc on the end users’ computer, rather than the servers. These viruses can be distributed in many ways. Most commonly they are attached to an email, or in a downloadable file that is available on the Internet. These viruses usually try to erase system files on a computer and render it useless. One of the latest viruses to be in the news was the Melissa Virus. This virus was developed to run on the end users’ computer, but it was designed to crash the email servers by flooding them with more emails then they could handle.

Other hackers specialize in "cracking" commercial software packages and making them freely available on the Internet as "warez". I would estimate that at least 80% of all commercial software packages have been cracked and can be downloaded for free. Software companies are fighting a never ending battle to stop the free distribution of their software so the website they are posted to are usually shut down pretty fast. One of the most popular warez site on the web is http://www.liquidwarez.com/ and they provide links to these temporary sites. These "warez" are also distributed via IRC. The names of the chat rooms are always changing, but they are easy to find just by looking for rooms with the string "warez" in it.

Hackers definitely do form an online community. Everyone, from the largest computer companies, down to the novice computer user knows their presence. All computer users generally fear hackers even though most of them are not out to do any harm. But the ones that do end up being malicious, usually do enough damage do strike fear into everybody’s mind. There are a few simple rules one can follow to protect yourself from some of the hacker’s devious plot. The biggest thing the end user can do is to always have a virus program running and to keep it up to date. Another big thing is to never download anything from an untrusted source, or to open an email attachment from an untrusted sender. There is no 100% way to safeguard yourself from hackers because they are always new hacks coming out.

alt.hacking

alt.2600.hacking

http://technotronic.com/

http://cert.net/

http://antionline.com/

http://astalavista.box.su/

http://www.kaboo.123hostme.com/hackme/mattindex.HTM

http://www.liquidwarez.com/

http://www.kevinmitnick.com/

http://www.mcaffee.com/

http://iclebox.secretinfo.com/

http://www.sotmesc.org/gcms/hackbb/wwwboard.html

http://www.hackers.com/

http://www.2600.com/

http://www.discovery.com/area/technology/hackers/crunch.html

http://hoshi.cic.sfu.ca/~guay/Paradigm/Hacker.html