Is there a Hacker Ethic for 90s Hackers?
Introduction
The goal of this text analysis project was to take the texts of the
computer underground and to analyze them for the presence of a)
knowledge about the Hacker Ethic and b) evolution of that Ethic. Many
writers, such as Steven Levy, bemoan the fact that modern-day hackers
(the computer underground) are not worthy of the name because they do
not live up to the principles of the original Hacker Ethic, and as
unethical individuals, should simply be called "computer terrorists"
or "juvenile delinquents." I sought to examine whether 90s new hackers
knew of the old Hacker Ethic, if they had added anything to it, and
the reasons why they felt they acted differently from their
predecessors. I broadened my text analysis to look at what they saw as
ethical violations, and reasons why some might repudiate the Hacker
Ethic or the idea of having an ethic.
As my text project evolved, I found that after discovering the
existence of a new hacker ethic for new hackers, I was wondering if
people expressing the principles of the new ethic also expressed the
old. I expected that the adoption of a new set of ethics would not
necessarily mean the complete abandonment of the old. This would
establish some continuity between both groups of hackers, and some
familiarity by new hackers with the old ideals. If the hypothesis of
continuity turns out to be true, then new hackers are not as different
from old hackers as authors like Levy (or certain computer security
professionals) might claim. They would then not only have their own
ethics, but also utilize some ethical principles of their
predecessors.
I coded 29 documents from the computer underground online using the
NUD*IST text analysis system. I allowed new codes to emerge from other
codes, based on the sort of interactive text-searching and
investigation process that NUDIST makes possible. I decided to code a
few factors that were not directly relevant to my tests, but could
provide avenues for future investigation. Finally, after coding, I
came up with two tests to look at evidence for continuity between the
old and new hacker ethics.
Who is the Computer Underground?
I define the computer underground as members of the following six
groups. Sometimes I refer to the CU as "90s hackers" or "new hackers,"
as opposed to old hackers, who are hackers (old sense of the term)
from the 60s who subscribed to the original Hacker Ethic. See below.
1. Hackers (Crackers, system intruders) - These are people who
attempt to penetrate security systems on remote computers. This is
the new sense of the term, whereas the old sense of the term
simply referred to a person who was capable of creating hacks, or
elegant, unusual, and unexpected uses of technology. Typical
magazines (both print and online) read by hackers include 2600 and
Iron Feather Journal.
2. Phreaks (Phone Phreakers, Blue Boxers) - These are people who
attempt to use technology to explore and/or control the telephone
system. Originally, this involved the use of "blue boxes" or tone
generators, but as the phone company began using digital instead
of electro-mechanical switches, the phreaks became more like
hackers. Typical magazines read by Phreaks include Phrack, Line
Noize, and New Fone Express.
3. Virus writers (also, creators of Trojans, worms, logic bombs) -
These are people who write code which attempts to a) reproduce
itself on other systems without authorization and b) often has a
side effect, whether that be to display a message, play a prank,
or trash a hard drive. Agents and spiders are essentially
'benevolent' virii, raising the question of how underground this
activity really is. Typical magazines read by Virus writers
include 40HEX.
4. Pirates - Piracy is sort of a non-technical matter. Originally, it
involved breaking copy protection on software, and this activity
was called "cracking." Nowadays, few software vendors use copy
protection, but there are still various minor measures used to
prevent the unauthorized duplication of software. Pirates devote
themselves to thwarting these things and sharing commercial
software freely with their friends. They usually read Pirate
Newsletter and Pirate magazine.
5. Cypherpunks (cryptoanarchists) - Cypherpunks freely distribute the
tools and methods for making use of strong encryption, which is
basically unbreakable except by massive supercomputers. Because
the NSA and FBI cannot break strong encryption (which is the basis
of the PGP or Pretty Good Privacy), programs that employ it are
classified as munitions, and distribution of algorithms that make
use of it is a felony. Some cryptoanarchists advocate strong
encryption as a tool to completely evade the State, by preventing
any access whatsoever to financial or personal information. They
typically read the Cypherpunks mailing list.
6. Anarchists - are committed to distributing illegal (or at least
morally suspect) information, including but not limited to data on
bombmaking, lockpicking, pornography, drug manufacturing, pirate
radio, and cable and satellite TV piracy. In this parlance of the
computer underground, anarchists are less likely to advocate the
overthrow of government than the simple refusal to obey
restrictions on distributing information. They tend to read Cult
of the Dead Cow (CDC) and Activist Times Incorporated (ATI).
7. Cyberpunk - usually some combination of the above, plus interest
in technological self-modification, science fiction of the
Neuromancer genre, and interest in hardware hacking and "street
tech." A youth subculture in its own right, with some overlaps
with the "modern primitive" and "raver" subcultures.
The Documents
These 29 text files come from the following sources: the WELL (Whole
Earth 'Lectronic Link) BBS, the MindVox BBS archives, various other
hacker boards, the Usenet newsgroup alt.2600, World Wide Web HTML
documents, the gopher.eff.org hacking 'zine archive, the
cypherpunks.org ftp site, and a netwide search on documents containing
the search term "hacker ethic." Documents were selected for this study
for relevance, and thus do not constitute a fully randomized sample of
electronic text.
1. Discussion begins
2. An unwritten manifesto?
3. Government ethic
4. Hacker theory to practice
5. The Manifesto
6. The MetaForum
In 1990, the online bulletin board system (BBS) known as the WELL
(Whole Earth 'Lectronic Link) co-hosted a conference with Harper's
magazine to discuss the future of hacking. Old and new hackers
were invited to participate. These are transcripts of the various
postings to the topic headings in the conference.
7. Cracker subculture
8. Hackers wanted
These are transcripts of postings to two other topic headings in
the WELL Hacker Conference forum.
9. Assert your rights
10. Defense of Piracy
11. Revolt
These are three "propaganda" text files by hacker Subvert, where
he attempts to make the moral case for hacking.
12. From Crossbows to Cryptography: Thwarting the State via Technology
13. The Crypto Anarchist Manifesto
These two documents from the cypherpunks ftp archive attempt to
make the case for strong encryption and cryptoanarchy.
14. Pirate
15. Pirate Newsletter
These are two e-zines for pirates.
16. Ethics of Hacking by "dissident"
17. Hack Ethics -- A definition of the hacker ethic from the MIT
"Fishwrap Gallery"
18. Jargon File hacker ethic -- Definition of "hacker ethic" from the
Hacker's Jargon File (online companion to Hacker's Dictionary) 3.0
19. The Hacker's Code of Ethics by "Darkman"
These are four texts which deal directly with ethical issues
pertaining to hacking. Two are simply definition files.
20. CDC -- Cult of the Dead Cow description file
21. Digital Free Press -- a hacker e-zine
22. Emmanuel Goldstein testimony-- Testimony of the 2600 leader before
a Congressional hearing on hacking
23. Hacker Manifesto -- "The Conscience of a Hacker" by Mentor
24. Hacker vs Cracker -- " The Difference between Hackers and
Crackers" by CandyMan
25. Novice's guide to hacking -- A guide by Mentor and the Legion of
Doom (LOD), circa 1989
26. Phrack- Declaration of Grievances of the Electronic Community --
An imitation of the grievances clauses from the Declaration of
Independence, updated for the cyberspace era, containing
complaints about current technology policy.
27. Rebels with a Cause -- A 1994 honors essay by Anthropology student
Tanja Rosteck, containing some transcripts of hacker interviews
and statements.
28. What is hacking? -- Definition file from Hacker's Haven Website
29. The Anarchist's Guide to the BBS -- a description of using BBSes
for CU purposes.
Other miscellaneous files.
The Original Hacker Ethic
Every profession or trade tends to have an ethical code which suggests
that it is capable of self-regulation of its members. The code
demonstrates the shared core values necessary for people to practice
within the professional community. And it enables the public and the
government to have some degree of trust for the profession. Some of
these codes may be very ancient and formalized, such as the
Hippocratic Oath sworn by physicians. Others may be very modern and
legalistic, like the code of ethics for applied or academic
anthropologists. Some ethical systems may be "underground," (such as
the Pirates' Code of 18th century buccaneers or Mafia oaths of
loyalty) enabling members of subcultures or groups to survive,
cooperate, and escape outsiders. Yet others like the original Hacker
Ethic are very informal and simple - rules of thumb to live by.
Groups employ different means of enforcing their ethical systems. Some
provisions are often recognized as simply being archaic and are
ignored. This is why most doctors do not heed the prohibitions in the
Hippocratic Oath against abortion or euthanasia, yet most (but not
all!) believe in the ethical principle of not refusing critical
treatment to a patient who is unable to pay. Other groups (such as
anthropologists) often devise ethical codes simply because they are
forced to by the bad behavior of some of their members in the past,
and their provisions are specifically tailored to probems that have
arisen. Violating some ethical codes can get you banned from the
profession or worse, when professional associations exist to enforce
the regulations; with hackers, breaking the Hacker Ethic seems to
result mostly in anathema or social ostracization, a time-honored
method of social control.
The original Hacker Ethic was sort of an impromptu, informal ethical
code developed by the original hackers of MIT and Stanford (SAIL) in
the 50s and 60s. These "hackers" were the first generation of
programmers, employing time-sharing terminal access to 'dumb'
mainframes, and they often confronted various sorts of bureaucratic
interference that prevented them from exploring fully how
technological systems (computers, but also model trains, university
steam tunnels, university phone systems, etc.) worked. The ethic
reflects their resistance to these obstacles, and their ideology of
the liberatory power of technology. The six principles of the Hacker
Ethic are listed below, with some text samples showing where it
appears within these documents.
A concise summation of it can be found in Steven Levy's 1984 book
Hackers: Heroes of the Computer Revolution. Levy suggested that
because of their Ethic and their unconventional style, hackers like
Jobs and Wozniak were able to launch the "computer revolution,"
resulting in the first personal computer (the Apple) which was easy to
use and which put programming power in the individual's hands. Here I
cite documents from my sample which reiterate some of its principles.
1. Hands On Imperative: Access to computers and hardware should be
complete and total. It is asserted to be a categorical imperative
to remove any barriers between people and the use and
understanding of any technology, no matter how large, complex,
dangerous, labyrinthine, proprietary, or powerful.
As we can see, this has not been the case. The computer system has
been solely in the hands of big businesses and the government. The
wonderful device meant to enrich life has become a weapon which
dehumanizes people. To the government and large businesses, people
are no more than disk space, and the government doesn't use
computers to arrange aid for the poor, but to control nuclear death
weapons. The average American can only have access to a small
microcomputer which is worth only a fraction of what they pay for
it. The businesses keep the true state of the art equipment away
from the people behind a steel wall of incredibly high prices and
bureaucracy. It is because of this state of affairs that hacking
was born. ("Doctor Crash", 1986)[1]
2. "Information Wants to Be Free" "Information wants to be free" can
be interpreted in three ways. Free might mean without restrictions
(freedom of movement = no censorship), without control (freedom of
change/evolution = no ownership or authorship, no intellectual
property), or without monetary value (no cost.) Some hackers even
take this to mean information is alive, free to act on its own
agency, as viruses, genetic algorithms, 'bots and other software
programs do. Most hackers seem to advocate this principle in
different senses of the word "free" at different times. In any
case, when asked about the content of the Hacker Ethic, most
people assert this as the key principle.
There is much knowledge that is disallowed, hidden. Government
activities, corporate crime, and "illegitimate" information needs
to be disseminated. People without access to technology need it -
they can contribute to the world. Distributing this information is
illegal, potentially dangerous. This, in my humble opinion, is the
best use of hacked accounts. Obtaining information, disseminating
information needs anonymity. This protects your hide. This is
important. Whistle blowers are only silenced when their identity is
known...
_____________________________________________________________
Access to information
Yes, access is a right you have. You need to know when the
government is killing people, radiating them, listening to them,
lying to them, lying to you. You have a right to gain access to
information about OUR government. This government is supposedly of
the people, by the people, power granted by a social contract.[2]
3. Mistrust Authority. Promote decentralization. This element of the
ethic shows its strong anarchistic, individualistic, and
libertarian nature. Hackers have always shown distrust toward
large institutions, including but not limited to the State,
corporations, and computer administrative bureaucracies (the IBM
'priesthood'). Tools like the PC are said to move power away from
large organizations (who use mainframes) and put them in the hands
of the 'little guy' user. Nowhere is this ethos stronger than
among the anti-statist cypherpunks and extropians.
In fact, technology represents one of the most promising avenues
available for re-capturing our freedoms from those who have stolen
them. By its very nature, it favors the bright (who can put it to
use) over the dull (who cannot). It favors the adaptable (who are
quick to see the merit of the new (over the sluggish, who cling to
time-tested ways). And what two better words are there to describe
government bureaucracy than "dull" and "sluggish"?[3]
_____________________________________________________________
The State will of course try to slow or halt the spread of this
technology, citing national security concerns, use of the
technology by drug dealers and tax evaders, and fears of societal
disintegration. Many of these concerns will be valid; crypto
anarchy will allow national secrets to be traded freely and will
allow illicit and stolen materials to be traded. An anonymous
computerized market will even make possible abhorrent markets for
assassinations and extortion. Various criminal and foreign elements
will be active users of CryptoNet. But this will not halt the
spread of cryptoanarchy.[4]
4. No Bogus Criteria: Hackers should be judged by their hacking, not
by "bogus criteria" such as race, age, sex, or position. Nowhere
is this ethos more apparent than in the strong embrace by most
hackers of the levelling power of the Internet, where anonymity
makes it possible for all such 'variables' about a person to
remain unknown, and where their ideas must be judged on their
merits alone since such contextual factors are not available.
The Internet is one of the best hacks the world has to offer. It
has continually shattered deeply ingrained social prejudices
concerning characteristics such as age, race, wealth, and sex. In
fact, it is common to find 14 year olds arguing philosophy with 41
year olds on America's computer networks![5]
5. "You can create truth and beauty on a computer." Hacking is
equated with artistry and creativity. Furthermore, this element of
the ethos raises it to the level of philosophy (as opposed to
simple pragmatism), which (at least in some quarters) is about
humanity's search for the good, the true, and the beautiful.
Without question, good/great programming (hacking) is art and as
with art each person has their own signature and style (which
changes over time). Quite a few years ago I was reviewing some
derivative works of one hacker, and found the lack of signature and
style of the original.[6]
6. "Computers can change your life for the better." In some ways,
this last statement really is simply a corollary of the previous
one. Since most of humanity desires things that are good, true,
and/or beautiful, the fact that a computer can create such things
would seem to mean that axiomatically it can change peoples' lives
for the better. However, this is merely a declarative statement,
which like the previous one reflects a deep-felt love of
technology. It does not state explicitly that computers should
always change peoples' lives for the better, or the principle that
would follow from that, which is that it is unethical to use them
to make peoples' lives worse. .. Many hackers see the Internet as
an immense positive force, and this reiterated again by hacker
Emmanuel Goldstein --
The future holds such enormous potential. It is vital that we not
succumb to our fears and allow our democratic ideals and privacy
values to be shattered. In many ways, the world of cyberspace is
more real than the real world itself. I say this because it is only
within the virtual world that people are really free to be
themselves - to speak without fear of reprisal, to be anonymous if
they so choose, to participate in a dialogue where one is judged by
the merits of their words, not the color of their skin or the
timbre of their voice. Contrast this to our existing "real" world
where we often have people sized up before they even utter a word.
The Internet has evolved, on its own volition, to become a true
bastion of worldwide democracy. It is the obligation of this
committee, and of governments throughout the world, not to stand in
its way.[7]
Thus, the ethical principles of the Hacker Ethic suggest it is the
ethical duty of the hacker to remove barriers, liberate information,
decentralize power, honor people based on their ability, and create
things that are good and life-enhancing through computers. It remains
an open question (of interpretation) as to whether it advocates the
free distribution of software (the GNU/Richard Stallman position), the
injunction against using computers for malicious purposes (the
Clifford Stoll position), or the need for secure networks based on
trust (the Steven Levy position.) Each of these document samples show
that new hackers are aware of, and advocate (whether intentionally or
accidentally) elements of the original Hacker Ethic.
New Hacker Ethic
From my documents, I found that there is a new hacker ethic which 90s
hackers live by. There are fragments of continuity from the old hacker
ethic, as one can see. The new ethic appears to have developed like
the old one, informally and by processes of mutual reinforcement. The
new ethic seems to contain some ambiguities (like the old one) and a
few contradictions. This may be due to the fact that its practicioners
are more numerous and more dispersed than the original 60s hackers.
1. "Above all else, do no harm" Do not damage computers or data if at
all possible. Much like the key element of the Hippocratic Oath.
According to the "hacker ethic," a hack must: * be safe
* not damage anything
* not damage anyone, either physically, mentally or emotionally
* be funny, at least to most of the people who experience it
[8]
_________________________________________________________________
It is against hacker ethics to alter any data aside from the logs
that are needed to clean their tracks. They have no need or desire
to destroy data as the malicious crackers. They are there to
explore the system and learn more. The hacker has a constant
yearning and thirst for knowledge that increases in intensity as
their journey progresses.[9]
_________________________________________________________________
2. The belief that system-cracking for fun and exploration is
ethically OK as long as the cracker commits no theft, vandalism, or
breach of confidentiality.[10]
Of course, the key problem with this ethical position is its stance on
intent. One should not damage data deliberately. But what if, as often
happens in hacking attempts, one accidentally erases or alters data
while trying to alter system log files or user records? Is that an
ethical violation? Also, the question of what constitutes "harm" is
left open. Most hackers seem to see pranks and practical jokes as
harmless, regardless of their psychological impact. Yet their victims
may not feel these are so 'harmless,' especially if this causes them
to lose valuable time or effort.
Protect Privacy People have a right to privacy, which means control
over their own personal (or even familial) information. Privacy rights
are notably missing from the U.S. Constitution, but they have been
brought to the forefront of modern legal argument due to the growing
surveillance power of technology. There still is no codified right to
privacy for U.S. citizens, although the Supreme Court has ruled that
it is contained implicitly in its judgements legalizing the
distribution of birth control and the right to first-trimester
abortion.
How far do privacy rights go, however? Do people also have an
intrinsic right to online anonymity? Do I have the right to conceal my
health status, criminal record, or sexuality from my employer? Are
some people (politicians, celebrities, etc.) entitled to less privacy
than others? Does my social security number, credit history, or
telephone number belong only to me? Further, the strange thing about
hackers asserting a right to privacy is that it declares a certain
kind of information to not be free. Thus, in some ways this is a
contradiction to the original hacker ethic.
Your right to Privacy
Privacy is a right we beleive we have. Unfortunately privacy is not
explicitately protected in the constitution. Our consitution is
dated in that respect, there weren't the threats to privacy then as
there are now. Technology is truly a double-edged sword. The
abscense of privacy provisions in the constitution does not make it
any less important. Indeed, the lack of constitutional protections
have allowed our privacy to be gravely threatened.[11]
_________________________________________________________________
The concept of privacy is something that is very important to a
hacker. This is so because hackers know how fragile privacy is in
today's world. Wherever possible we encourage people to protect
their directories, encrypt their electronic mail, not use cellular
phones, and whatever else it takes to keep their lives to
themselves. In 1984 hackers were instrumental in showing the world
how TRW kept credit files on millions of Americans. Most people had
never even heard of a credit file until this happened. Passwords
were very poorly guarded - in fact, credit reports had the password
printed on the credit report itself.[12]
The second argument is an interesting one. The problem most hackers
had with TRW is not they kept files on most peoples' credit histories
without their knowledge (thus they couldn't see if they contained any
errors), and it was on that (unknown) basis that they were denied
loans, credit cards, mortgages, etc. It was that those files were
insecure.
"Waste not, want not." Computer resources should not lie idle and
wasted. It's ethically wrong to keep people out of systems when they
could be using them during idle time. This is what some people call
the "joy riders' ethic." If you borrow someone's car, and return it
with no damage, a full tank of gas, and perhaps even some suggestions
for improved performance, have you not done them a favor? Especially
if they never know you borrowed it in the first place for a few road
trips? Isn't it wasting that precious engine power to leave the car in
a parking spot while somebody else could be using it for a grocery
trip? (Is it an ethical violation to borrow the car and make a set of
keys for yourself so you can borrow it whenever you feel like? This
is, after all, what most hackers do when they give themselves sysadmin
privileges.) Yet most are possessive over the use of their own
personal computer.
The hacker ethics involves several things. One of these is avoiding
waste. Over the internet, we have about a quarter million computers
each of which is virtually unused for 10 hours a day. A true hacker
seeing something useful that he could do with terraflops of
computing power that would otherwise be wasted might would request
permission to use these machines and would probably go ahead and
use them even if permission was denied. In doing so, he would take
the greatest possible precautions to not damage the system.[13]
Exceed Limitations Hacking is about the continual transcendence of
problem limitations. Some old hackers assert this principle, as an
informal seventh addition to the original Ethic. Telling a hacker
something can't be done, is a moral imperative for him to try.
"Extropians" believe there is a universal force of expansion and
growth, inverse to entropy, which they call "extropy." Hacking is seen
as extropian because it always seeks to surpass current limits.
Technology is seen as a necessarily exponential force of growth.
Limitations must be overcome. For some hackers, these limitations
might be unjust laws or outdated moral codes.
To become free it may be necessary to break free from medieval
morality, break unjust laws, and be a disloyal employee. Some may
call you an disloyal, sinful criminal. To be free in a room of
slaves is demoralizing. Free your fellow man, give him the tools,
the knowledge to fight oppression. Do not infringe on others'
rights.[14]
The Communicational Imperative People have the right to communicate
and associate with their peers freely. The United Nations
International Telecommunications Union (ITU) has stated in many
conferences that this should be a fundamental human right, with which
no nation should ever interfere. The sweeping freedoms given to
amateur radio hobbyists internationally reflect this belief. Globally,
it remains a significant moral problem, in that most developing
nations lack the infrastructure to grant this right. Various UN
reports have shown that despite the rhetoric, many Third World nations
do not have access to the "global" information superhighway because
they lack "onramps." Their telecommunications infrastructure is
lacking.
Most hackers strongly support the 1st amendments' rights to
communication and assembly, since these are necessary for the free
flow of information. Phreakers take this a step beyond, however, in
asserting that people should have the right to communicate with each
other cheaply (thus poor people have as much right to talk on the
phone long distance as the rest of us) and easily . When
telecommunications companies are an obstacle to this right to
communicate, phreaking (blue boxing the phone system, making
unauthorized 'bridge' conference calls, using empty voicemail boxes,
etc.) is said to be the answer.
The Right to communicate
Communicate!
This is our strongest right, and our most crucial. There mere fact
that this page is allowed to exist is proof that our 1st amendment
has not crumbled completely. Despite the governmental protection,
there are threats to our freedom to communicate.[15]
Leave No Traces Don't leave a trail or trace of your presence; don't
call attention to yourself or your exploits. Keep quiet, so everyone
can enjoy what you have. This is an ethical principle, in that the
hacker follows it not only for his own self-interest, but also to
protect other hackers from being caught or losing access. Such a
principle can be found among various criminal or underground
organizations. Of course, there is a contradiction between asserting a
need for secrecy (as well as privacy), and the need for unrestricted
information.
The rules a Hacker lives by:
1. Keep a low profile.
2. If suspected, keep a lower profile.
3. If accused, deny it.
4. If caught, plea the 5th.[16]
Share! Information increases in value by sharing it with the maximum
number of people; don't hoard, don't hide. Just because it wants to be
free, does not mean necessarily you must give it to as many people as
possible. This principle can be seen as an elaboration on an original
ethical principle. The Pirates' ethic is that piracy increases
interest in software, by giving people a chance to try it out and
experiment with it before paying for it. So sharing software with your
friends is a good thing.
Pirates SHARE warez to learn, trade information, and have fun! But,
being a pirate is more than swapping warez. It's a life style and a
passion. The office worker or class mate who brings in a disk with
a few files is not necessarily a pirate any more than a friend
laying a copy of the lastest Depeche Mode album on you is a pirate.
The *TRUE* pirate is plugged into a larger group of people who
share similar interests in warez. This is usually done through
Bulletin Board Systems (BBSs), and the rule of thumb is "you gotta
give a little to get a little...ya gets back what ya gives."
Pirates are NOT freeloaders, and only lamerz think they get
something for nothing.[17]
Self Defense against a Cyberpunk Future Hacking and viruses are
necessary to protect people from a possible 1984/cyberpunk dystopian
future, or even in the present from the growing power of government
and corporations. It's a moral imperative to use hacking as the
equivalent of 'jujitsu,' allowing the individual to overcome larger,
more impersonal, more powerful forces that can control their lives. If
governments and corporations know they can be hacked, then they will
not overstep their power to afflict the citizenry.
I believe, before it's all over, that the War between those who
love liberty and the control freaks who have been waiting for to
rid America of all that constitutional mollycoddling called the
Bill of Rights, will escalate.
Should that come to pass, I will want to use every available method
to vex and confuse the eyes and ears of surveillance. Viruses could
become the necessary defense against a government that fears your
computer.[18]
What's interesting is that this principle recognizes and asserts that
it's not only possible but also likely for computers to have a dark
side and to be used for purposes other than truth and beauty, and that
we need to be wary of technology, or at least technology in the wrong
hands.
Hacking Helps Security This could be called the "Tiger team ethic":
it is useful and courteous to find security holes, and then tell
people how to fix them. Hacking is a positive force, because it shows
people how to mend weak security, or in some cases to recognize and
accept that total security is unattainable, without drastic sacrifice.
Sense 2 is more controversial: some people consider the act of
cracking itself to be unethical, like breaking and entering. But
the belief that `ethical' cracking excludes destruction at least
moderates the behavior of people who see themselves as `benign'
crackers (see also samurai). Based on this view, it may be one of
the highest forms of hackerly courtesy to (a) break into a system,
and then (b) explain to the sysop, preferably by email from a
superuser account, exactly how it was done and how the hole can be
plugged --- acting as an unpaid (and unsolicited) tiger team.[19]
Many software companies today, including Lotus, regularly use tiger
teams to test their security systems. So, this ethical principle seems
to be agreed upon by some members of the industry -- to a certain
extent. Even Lotus does not want its systems being tested by hackers
who are not under its employ or control.
Trust, but Test! You must constantly test the integrity of systems
and find ways to improve them. Do not leave their maintenance and
schematics to others; understand fully the systems you use or which
affect you. If you can exploit certain systems (such as the telephone
network) in ways that their creators never intended or anticipated,
that's all to the better. This could help them create better systems.
One of those systems that may require constant revision, testing, and
adjustment, apparently, is constitutional democracy.
Democracy is always being tested -- it's an inherent part of what
it stands for. whether it's flag burners, gay activists, klansmen,
or computer hackers, we're always testing the system to see if it
holds up to pressure. i stress that this is NOT an end iwe do
because it interests us, but in the bigger picture we're actually
testing the sincerity of the democratic system, whether we're aware
of it or not.[20]
One of the most important manuals for British hackers was called
"beating the system." The essential argument is that as systems (like
the phone network) become more and more complex, they become
impossible to manage from a centralized office. Hacking at the edges
of the system not only becomes possible, in some cases it becomes
necessary. It becomes an ethical imperative to test the system, lest
it fail when it is most needed (like the AT & T phone switches did in
1990.)
So, in short, the new hacker ethic suggests that it is the ethical
duty of new hackers (or the CU), to : 1) protect data and hardware 2)
respect and protect privacy 3) utilize what is being wasted by others
4) exceed unnecessary restrictions 5) promote peoples' right to
communicate 6) leave no traces 7) share data and software 8) be
vigilant against cyber-tyranny and 9) test security and system
integrity of computer systems.
Violations/Transgressions
These could be considered the "thou shalt nots" of the new hacker
ethic, as opposed to its affirmative "you shoulds." Some of these
transgressions of the hacker ethic are already implied by some of its
basic affirmative principles. We can get an idea of what hackers
believe they should do, based on what they reject as unsuitable
activities of their peers.
1. Bootlegging Commercialism; selling pirated software; hacking for
profit; selling out. Bootlegging violates the new ethic of sharing
and the original hacker ethic which eschewed profit (and embraced
personal satisfaction) as a reason for creating software (hence
the existence of Richard Stallman's GNU Free Software Foundation.)
On occasion the possibility of making a profit from these advances
tempts hackers into commercialism. On other occasions, they see
commercialism as the only way to get their work into the hands of
the masses. When they succeed they become rich, and usually get
moved further and further from hacker life and more and more into
paperwork and then don't live happily ever after.[21]
_____________________________________________________________
Bootleggers are to pirates as a chop-shop is to a home auto
mechanic. Bootleggers are people who DEAL stolen merchandise for
personal gain. Bootleggers are crooks. They sell stolen goods.
Pirates are not crooks, and most pirates consider bootleggers to be
lower life forms than child molesters.[22]
Bootlegging seems to contradict new hacker ethic 7, share!
2. Freeloading Always taking and never contributing. Profitting from
other peoples' efforts without adding to them. "Warez d00dz" and
"Codez d00dz" who are hunting for free software or phone codes
without offering anything in return (a hack, a number, whatever)
are looked down upon. Hoarding and refusing to tell others about
your hacks are seen as wrong. This also violates the new ethic of
sharing.
In fact, pirates may be one of the best forms of advertising for
quality products, because sharing allows a shop-around method for
buying warez. Most of us buy a program for the documents and the
support, but why invest in four or five similar programs if we
aren't sure which best suits our needs? Nah, pirates aren't
freeloaders. We are against freeloading.[23]
3. Trashing Crashing systems; destroying hardware; hurting other
users; malicious vandalism; irreversible damaging or destroying of
data; unleashing destructive viruses, Trojans, logic bombs.
Prankful (non-harmless) games with users and sysops and systems is
acceptable... This is seen as the obvious corollary of the new
ethic to "do no harm."
I. Do not intentionally damage *any* system. Trashing BBSes is
wrong, plain and simple.
II. Do not alter any system files other than ones needed to ensure
your escape from detection and your future access (Trojan Horses,
Altering Logs, and the like are all necessary to your survival for
as long as possible.)[24]
_____________________________________________________________
The one thing I hate, is the way some self-appointed hackers find
there way into a system, and ruin the name of the rest of us by
destroying everything they can find. Now that is pathetic. First of
all, as I said, it ruins the name of the rest of us. Thus, once
again, the "Destructive Computer User" Stereotype... A board
crasher is no more a "hacker" than my grandmother is.[25]
4. Excessive Selfishness Self interest overrules any concern for
other hackers whatsoever. This violation implies others... once
again, we run into the strange divide at the heart of the Hacker
Ethic, which is deeply individualistic, yet also fiercely
communal. Individuals are expected to be highly self-motivated,
but not selfish.
I think you'd be less agitated if you define your categories as
hackers and criminals. The former are in it to explore and the
latter are in it for themselves and nothing else. Of course, some
hackers do break laws on occasion but I don't think that
necessarily turns them into criminals, at least not in the moral
sense.[26]
_____________________________________________________________
Also, some hackers have this massive ego problem... I must name one
here, for that problem, and he is Corporal Punishment... I have had
numerous run-ins with this guy. He seems to think he is a God,
constantly running everyone into the ground. He even went as far as
saying "PHRACK sucks!" But he isn't the only one with that
problem... Some feel that if they put others down, they will
elevate to a higher level. Sorry to burst you bubble guys, but your
only viewed as massive ego-maniacs that deserve nothing less than
being run down yourselves...[27]
_____________________________________________________________
Let us not forget that hackers, crackers, chippers, crunchers, and
whatnot all have ego, and one thing that bothers me about using the
Hacker Ethic to describe people is that ego and self-interest are
not accounted for. How else can you explain crackers selling
pirated software, otherwise intelligent people distributing viruses
to the general public in hope of causing maximum damage to other
users, or hackers breaking into some system and erasing files for
laughs? People break into computers because it's fun and it makes
one feel powerful, not because there is untapped power waiting to
be used if only the right programming "wizard" comes along.[28]
5. The (Selective) Anti-Stealing Ethic Information, services, and
software are not property; hardware, physical property, money, and
monetary services (credit cards, digital cash, phone card numbers)
are. Theft of these is still wrong. Also, the target makes a
difference. Stealing phone service (say, voicemail boxes) from a
large institution like a corporation or the government is OK.
Stealing it from an individual or a small nonprofit is not.
Thus the new hacker ethic, according to its propagandists, does
not embrace theft; instead it simply defines certain things (like
information) as not being personal property, or certain actions
(using phone service) as "borrowing" rather than theft.
So where is the boundary between the hacker world and the criminal
world? To me, it has always been in the same place. We know that
it's wrong to steal tangible objects. We know that it's wrong to
vandalize. We know that it's wrong to invade somebody's privacy.
Not one of these elements is part of the hacker world.[29]
6. Bragging Calling too much attention to oneself. It is acceptable
('elite') to brag in private hacker circles, unacceptable to brag
or make taunts and dares to sysops, law enforcement, or
authorities, or in any public forum where they tend to listen.
Some hackers even consider the first unacceptable, since hacker
boards are monitored by the Secret Service as well. Bragging and
boasting to the media or other non-hackers violates the ethic of
'leave no trace' and keeping a low profile.
Bragging after a neat hack may seem like the natural thing to do.
But just remember that it can only call attention to yourself, and
not everyone who pays attention to hackers are admirers. You may
jeopardize your friends and anyone else who ever accesses the same
system as you.[30]
_____________________________________________________________
True hackers are quiet. I don't mean they talk at about .5 dB, I
mean they keep their mouths shut and don't brag. The number one
killer of those the media would have us call hackers is bragging.
You tell a friend, or you run your mouth on a board, and sooner or
later people in power will find out what you did, who you are, and
you're gone...[31]
7. Spying Snooping, monitoring of people, and invading their privacy
is wrong... so therefore is reading private e-mail, etc. This
follows from the new hacker ethic which sees privacy as a
fundamental right. However, part of the hacker praxis is about
finding out passwords and security holes from users, whether
through "social engineering" or simple snooping and "sniffing."
This is the contradiction, once again, of embracing privacy but
also insisting on unrestricted information.
Some crackers are using computers in the exact *opposite* way that
the first hackers intended them: first, by restricting the
unimpeded and unmonitored flow of information through the computer
networks and phone lines; and second, by using computers to monitor
people, by intrusive methods of information-gathering.[32]
8. Narcing It is wrong to turn other hackers in. This part of their
ethical code is not different from many other criminal
organizations or subcultures, such as prison inmates, drug
addicts, prostitutes, etc., or even 'above-ground' subcultures
such as police departments. ("code of silence.") However, this
code has special meaning for hackers, since many ex-hackers often
decide to become computer security personnel later in life. Many
of their peers consider this 'selling out.'
There's no lower form of life than the narc. Hackers who go and rat
on other hackers are scum. They get lots of promises of immunity
and stuff if they turn in all their friends. Some hackers get back
at other people by turning them into the feds. This is wrong, and
it only damages the hacker community. We need to stick together,
because nobody else is really on our side.[33]
_____________________________________________________________
The last thing I will mention, will be hackers turning in other
hackers to federal crime agencies, or to the PhoneCorp security
offices, or any other type of company that deals with computer
related phraud. This activity, refered to as Narcing, is getting to
be too popular for a hackers good... You may be saying, " Come on,
no hacker in they're right mind would turn another on in ". And
your right... It's once again those self proclaimed hackers, or the
ones who think they are who will do this to get "Even"...[34]
We can then see that new hackers do believe certain things are wrong -
and people who commit these actions are frowned upon and often
prevented from being recognized by the hacker community. Many of the
things new hackers reject, would also be rejected by the community of
old hackers.
Reasons for Change
I coded various "emic" explanations in these texts for why some people
felt the Hacker Ethic had changed. These could potentially provide the
basis for looking for some interesting etic, measurable variables.
1. "More Stuff" Computers are more numerous, more powerful, more
networked, more distributed, more important, more widespread. More
power over society = more corruption, more incentive.
So the process of society adopting a new technology BY DEFINITION
must include the removal of all idealistic motivations originally
present in the promoters of the technology. Computers are power,
and direct contact with power can bring out the best or the worst
in a person. The Hacker Ethic is simply the ideal case: it's
tempting to think that everyone exposed to the technology will be
so grandly inspired, but alas, it just ain't so.
The "hacker ethic" was unnoticed before because fiddling with large
complex systems was so difficult until recently. There have always
been basement tinkers and young pranksters but their explorations
were very local. Once we are all connected, the work of these
investigators ripple through the world we have constructed and
affect us.[35]
_____________________________________________________________
We live in the age of computers. Everything is controlled by
massive mainframes; Our water distribution system, rail-road
control, airline control, electricity control, telephone companies,
etc, etc, etc... Imagine the fun someone can have in one of those
systems!!! Just the fact of getting in them can sometimes be a
major accomplishment. But my point is, what people do once they are
in...[36]
2. Society Society has changed for the worse. Either the old hackers
lived in a more sheltered, supportive, rewarding environment (the
MIT lab where they had access to everything they could ever want,
plus recognition from their mentors and peers), or they simply
lived in a larger society (the U.S. of the 50s) which was more
based on trust, honesty, etc., and that is why their behavior was
different. This might be the sort of sociological explanation
found in a sociology textbook.
PANTY RAIDS: When panty raids meet biotech it may be time to adapt
new rituals; or the cracker phenomena is more complex then that and
has at least something to do with increased levels of social
alienation and how the street finds its own use for things.[37]
_____________________________________________________________
It is my contention that hackers did not change. Society changed,
and it changed for the worse. The environment the early hackers
were working in rewarded them for their mischief and their desire
to experiment and try new things.[38]
3. The Computer Industry has Sold Out
The computer industry sold out; no commercial software developers
today believe in the Hacker Ethic either. They patent software,
copy-protect programs, lock up data and algorithms. New hackers
are merely responding to the times. They wouldn't have to do what
they have to do if the computer industry believed in open
standards and systems and free source code.
And yet, in practice, I can't help but conclude that the computer
revolution is over, and that the people lost. The computer
community is driven now not by a lust for knowledge but by a lust
for money. What were fledgling companies of wild-eyed programmers
sharing knowledge and feeding on each other's ideas have become
corporate behemoths, run by suits and ties, and copyright lawyers,
and the bottom line.[39]
4. Generational Change Hackers, like other youth of their generation
("generation X"), are more alienated, more pessimistic, more
self-centered, more thoughtless, more careless, more pragmatic,
etc. It's not that society, technology, or computing practices
changed; it's just that new hackers come from a generation which
was raised differently from its predecessors and was exposed to
different influences.
It's like you sometimes see in the media - 'GenX' is more in it for
themselves, more likely to try and get ahead through using
information from any which way, and more often see themselves as
getting screwed over by their elders ... so it's not surprising
that they don't have the same attitudes as Baby Boomer hackers.[40]
A future research project might be to try and turn these into etic
variables. If one could operationalize and measure "level of
alienation" for the authors of these texts, it might turn out to be a
causal factor for "level of adherence to the Hacker Ethic," which
would be the degree to which the person espouses the old or new Hacker
ethics. Or one could try and correlate changes in the Hacker Ethic
with changes in computing practices or level of intensification of
computer use.
Repudiations
It's interesting to examine the ways in which 90s hackers often
repudiate the original Hacker Ethic, or the possibility of embracing
any Ethic at all. These are based on some items I coded in the texts,
and other mentions found on the Net.
1. Fraud "The hacker ethic is a fraud" perpetrated by the original
hackers. It's too idealistic to possibly work in the real world.
But the Hacker Ethic is also a fraud. It is a fraud because there
is nothing magical about computers that causes one of its users or
owners to undergo religious conversions and devote themselves to
use of the computer for the betterment of the public good. Early
automobile enthusiasts were tinkerers, inventors, people with a
dream building motorized transportation. Then the new invention
became popular and the elite used it to drive around in luxury.
Then the new invention became accessible, and for many, necessary
for survival. Now we have traffic jams, drunk drivers, air
pollution, and suburban sprawl. Whatever magic still present in the
use of the automobile occasionally surfaces, but we possess no
delusions that it automatically invades the consciousness of
everyone who sits behind the wheel.[41]
2. Individualism Individualistic loners don't tend to subcribe to
communal ethics. Many hackers argue that hacking is by nature
oriented toward individualism rather than "groupthink," and thus
the community of hackers is one of mutually reinforcing
self-interest rather than any true form of fellowship or common
ideology.
3. Many, not one There is no one single hacker ethic; in the extreme
position, every hacker has their own ethic.
I think the problem we're all having is the fact that everyone is
deluding themselves thinking there is only ONE 'hacker ethic'. The
truth of the matter is, everyone has their *OWN* hacker 'ethic'. To
say that we all think the same way is foolish.[42]
4. Anti-professionalism Ethics are usually professional standards; by
their very nature hackers are anti-professional and tend to make
up the rules as they go along. Creating a professional, formalized
code for hackers would mean the end of hacking.
5. Natural Evolution The hacker ethic, like any belief system, must
evolve over time; it's foolish to assume anyone could maintain the
same ethics when everything else (especially technology) changes
so rapidly.
In exploring some of the factors that lead to rejection of the
original Hacker Ethic, we might be able to understand better why
certain hackers do embrace either the old or new one or a combination
of both.
Investigations of Patterns
I did two index tree searches of the NUDIST tree-index to examine my
hypothesis of continuity between the 60s and 90s hackers.
Report 1
This was simply an index search where I told NUDIST to identify the
number of documents which contained codes from both the old and new
hacker ethics' subcodes. Any document which contained one or more
codes from both sets of ethical codes was considered a 'hit,'
indicating knowledge of (if not practice) of both systems. The results
were: retrievals in 15 out of 29 documents or 52 percent. This seems
to be statistically significant, and it is unlikely that hackers would
express elements of both ethical systems purely by chance unless they
were aware of both.
Report 2
I generated a matrix of overlapping documents for the Hacker Ethics
(old and new). This identifies where codes co-occur within the same
text units (as opposed to elsewhere in the same text) and in which
documents.
1 1 1 2 1 3 1 4 1 5 1 6
2 1 24 24, 18
2 2
2 3
2 4
2 5
2 6
2 7
2 8 27 27
2 9
2 10
In document 24, "hacker vs. cracker," we see the co-occurence of the
old hacker ethic of "total access" and the new hacker ethic of "do no
harm," as well as the co-occurence of "information wants to be free"
with "do no harm." In document 18, "Hacker ethic jargon file," we see
the co-occurence of these same sentiments. And in document 27, "Rebels
with a cause," we see the co-occurence of "self defense" with
"information wants to be free" and "computers can change your life for
the better."
Apparently, while hackers may express principles of both hacker
ethics, they are unlikely to do so at the same time or within the same
thought. Co-occurence within the same text unit did not occur very
often - only 3 out of 29 documents.
Conclusions - areas for future research
I feel it safe to say that I can conclude a few basic facts from this
early effort at text analysis. Mostly, I have a basis for a good deal
of future research. I might be able to state more, if I had access to
more documents or more information about their authors beyond their
"handles."
1. New 90s hackers are not unethical. They are not unaware of the
original Hacker Ethic. They have their own ethical system which
combines elements of the old 60s Hacker Ethic with some new
innovations (the new hacker ethic.) The fact that ethics are
important to these hackers is suggested by the fact that they
anethematize "crackers" and "dark side" hackers for transgressions
which violate the spirit of their ethics.
2. There are four interesting areas of investigation for looking into
the changes between the old and new Hacker Ethic. Measurement of
changes in computer technology, social indicators, computer
industry practices, and generational demographics might provide
variables which covary with, and possibly even explain, the
changes in this ideological system.
3. Some new hackers do repudiate the original Hacker Ethic or the
possibility of having an ethic at all. It would be interesting to
find out what aspects of their profiles (age, background,
experience, gender, social class, etc.) correlate with whether or
not they repudiate it and why. There should be some way to predict
whether or not a hacker is likely to embrace the ethic, and how
much they fidelity to it they will demonstrate.
4. The (old and new) Hacker Ethic is not totally idiosyncratic.
Elements of it are similar to principles advocated by American
culture and its "democratic" constitutional and informal ideals;
the ethical codes of professional organizations such as academics,
doctors, and lawyers; the ethical systems of "underground" and
marginalized groups such as addicts, prostitutes, homeless people,
etc.; and traditional ethical precepts of philosophy (such as the
Golden Rule or Kantian categorical imperative.) Hackers are not
alone in wanting privacy, knowledge, or community.
5. The similarity between the old and new hacker ethics suggest that
the new hackers did not emerge out of a distinct "tradition" from
the old hackers. Ethical continuity suggests some demographic
continuity. The 60s and 90s hackers may not be all that different,
despite the fact that the 60s hackers consider the 90s hackers to
be less deserving of the mantle of the term "hacker."
Text Sources
1. Rebels with a Cause
2. Revolt
3. From Crossbows to Crypto
4. Cryptoanarchist Manifesto
5. Declaration of Grievances of the Electronic Community
6. The Manifesto
7. Emmanuel Goldstein Testimony
8. Hack Ethics
9. Hacker vs. Cracker
10. Jargon file - hacker ethic
11. Assert your rights
12. Emmanuel Goldstein testimony
13. Discussion begins
14. Revolt
15. Assert your rights
16. What is hacking?
17. Pirate Newsletter
18. Government ethic
19. Jargon file - hacker ethic
20. The Manifesto
21. Discussion begins
22. Pirate Newsletter
23. Pirate Newsletter
24. Novice's guide to hacking
25. The Hacker's Code of Ethics
26. Cracker subculture
27. The Hacker's Code of Ethics
28. The Manifesto
29. Emmanuel Goldstein testimony
30. What is hacking?
31. Ethics of Hacking
32. Government ethic
33. What is hacking?
34. The Hacker's Code of Ethics
35. Discussion begins
36. The Hacker's Code of Ethics
37. Cracker subculture
38. Digital Free Press #2
39. Discussion begins
40. Anarchist's Guide to the BBS
41. Discussion begins
42. Discussion begins
Copyright 1997, Steve Mizrach
Permission granted to publish on www.infowar.com
seeker1@anthro.ufl.edu