Hacker Society
By Gilbert Alaverdian

In the past, there have been many papers and articles regarding 'Hackers'. Most of these have been written by journalists based on secondary information and by hackers to prove and distinguish themselves to other hackers and the electronic underground. Rarely does the media explain the ethics, codes, rules and regulations that govern this mysterious society, a society whose existence is known solely amongst the underground. A professional approach has not been taken in analysing this mysterious subculture. This paper is written to give the corporate community and the media an insight into who and what these people are, an understanding of their culture, their codes, their ethics and most of all an insight into what makes them tick...

The media and general populace stereotype hackers as malicious, evil and destructive. The true meaning of a hacker is not one that most people are familiar with. Hackers are stereotyped as 15 year old teenagers sitting behind a computer for hours a night, breaking into systems and deleting or destroying whatever they can. These "kids" are known as Crackers and are not to be confused with Hackers. These crackers are the ones you hear about in the news, defacing websites, deleting data, and causing general chaos wherever they go.

In the electronic underground real names are never used. People adopt aliases. This gives the anonymous an identity, one recognised amongst the underground. Popular names such as Emmanuel Goldstein, Silicon Toad, Aleph One and others are known in this society. An almost celebrity status is linked to popular aliases.

According to http://www.whatis.com the definition of a Cracker is:

Someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.
A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there. Some breaking-and-entering has been done ostensibly to point out weaknesses in a site's security system.

Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:

* A person who enjoys learning details of a programming language or system
* A person who enjoys actually doing the programming rather than just theorizing about it
* A person capable of appreciating someone else's hacking
* A person who picks up programming quickly
* A person who is an expert at a particular programming language or system, as in "UNIX hacker"

Just who is this mysterious group of people? What does this subculture do? These questions and the like are asked by the IT industry.

Hacker Ranks

Like any society, there exists in the hacking world a hierarchy based on rank. A Hacker is a title given according to one's rank. The rank determines if you are a hacker or cracker. To gain this title you must earn it from the Hacker community. Proving your skills is central to gaining such a title. There is no formal body that determines this. In this closely communicated society, common names spread quickly and become common knowledge. Most hackers, in some form or another, know their equivalent counterparts by name, wherever they may be in the world.
If you are good, you will be known. To increase one's name in the underground, hackers compose exploit code, tutorials, contribute to popular mailing lists, write programs and construct websites. Such exposure brings recognition and identification.

Rank is determined by skills and experience. No one has formally identified the different hacker levels. Naturally these terms may not be embraced or accepted by everyone, including hackers and crackers.

Hierarchy

[hierarchy.gif]

The leaders, the true hackers, are known as 'Elite'. At the opposing end of the scale, the "wanna-be" hackers are known as 'Lamers'.

Elite:
Also known as 3l33t, 3l337, 31337 (or similar combinations of alpha-numeric characters with occasional letters replaced by similar looking numbers.) Elite hackers are at the forefront of the security industry. Their restrictions are limitless. Age battles with raw talent. Nevertheless, with older age comes a higher maturity level. They know operating systems inside out, configuring and connecting networks globally, whilst programming code on a daily basis. Naturally gifted, they are both efficient and skilled, using precise knowledge to outsmart the lacklustre competition. Due to the sensitive nature of security, many of these people rarely work in security related jobs, sometimes forced into data entry positions, helpdesk, and IT support. When the corporate world succumbs to its nocturnal state of sleep, these hackers awake.

Their unquenchable thirst for knowledge and enormous sense of curiosity is the deciding factor between success and failure. Why does this code cause a segmentation fault when I run it as a user but not as root? Such questions are the driving force, encouraging a hardworking ethos until they have found the solution to something they have discovered. Their work is a tribute to the struggle itself.
They will not settle for anything less. Using the computer as a catalyst for change - the imagination knows no restrictions. Through constant improvement and dissatisfaction, the elite hacker is able to deftly apply the knowledge to change and better his environment. Should he find a flaw in an operating system or software, he will sit down and trace the roots of the flaw, its cause, and oftentimes deliver a possible solution.

Experience and utmost skill are essential to never being caught. They hack in and out of systems efficiently without leaving a trace, their presence rarely detected and their hack seldom realised. It's the challenge. The risk. The recognition. They want to prove solely to themselves that they can break into a system and leave just as quietly. They do not delete or erase any data for damaging intent. The only data changed is that needed to cover their tracks. They have enough technical capabilities to damage entire networks and hack into almost any system and cause irreparable damage. But they choose not to. Because they follow a code. Because they are elite. There exists a code amongst true hackers, which is discussed later. Thou shalt not damage any data.

Semi Elite:
These hackers are usually a bit younger than their elite counterparts. They also have extensive computer knowledge, they understand operating systems, they know certain holes in operating systems, and are equipped with minor amounts of code - just enough to change exploit code. Many publicly reported attacks are done by hackers of this calibre. They may choose to become recognised to show the lower ranks their superiority and to prove a point to their colleagues or peers of the same skill level. This activity is frowned upon by the elite. To them, this is seen as Lame.
Their skill is insufficient to be of the elite level, as oftentimes mass amounts of logs and fingerprints are left, which system administrators notice almost straight away because of their loud and attention seeking activities. Usually such sloppy work and the tracks left by them result in them being caught, or otherwise "ratted on" by their counterparts.

Developed Kiddie:
Based on a younger age group than the higher ranks. Usually these are the older teenagers, usually still in school, who read about a method of hacking and how to do it somewhere. They try it out on numerous systems until one is found which is vulnerable to exploit. Once in, they are usually unaware of their actions and either intentionally or unintentionally cause destruction or damage and boast to peers of their mediocre triumph. Some may have earned the title of hacker, but most are still seen as crackers by the higher ranks. They do not possess the skills to find any new holes or vulnerabilities or to change current ones to adapt to their given situation. They are always reliant on the higher ranks to supply them with the services they require, and are knowledgeable in computers in general, but do not know fundamental networking or higher grade operating systems other than the GUI OS (Graphical User Interface Operating System). Most have just begun using UNIX and know only the basics. To them, it is enough to execute exploits. They rarely know how to cover their tracks; hacking is usually done from home or from a stolen dial-up account from home. When they manage to break into a network, they boast at every possible occasion.

They engage in what is seen as extremely lame activities such as credit card fraud, pirating in "warez" (a term given to illegal copies of software), nuking, DoSing and causing general computer chaos to networks that they can easily access. Most serious hacks committed by this level of hacker are almost always prosecuted to the extent allowed by the laws that bind them.
Their being minors, who under most jurisdictions can not be prosecuted, causes a problem for law enforcement officials and the corporate world. Once caught, they realise the severity and extent of their crime, usually ceasing to continue this sort of activity after realising the consequences and punishment of their crime.

Script Kiddie:
Much like the developed kiddie, the Script Kiddie usually engages in the same activities as stated above. These crackers can not earn the title of hacker. They, like lamers (see below), have minimal networking or technical knowledge on operating systems and networks. They seldom explore outside the world of GUI operating systems, using their computer knowledge for warez pirating and the general activities engaged in by lamers and developed kiddies. Hacking is usually done by using popular trojans to harass and annoy normal internet users. The main difference between script kiddies and lamers is a small age difference and a little more technical knowledge. These are usually the students that the computer teacher asks questions of when they do not know the answer themselves. By being asked by a teacher, a false mentality of superiority is seen and an elite level is crowned by equivalent and lower ranks.

Lamer:
These are the inexperienced multitude who are "wanna be" hackers. In no way, sense or form are they hackers and they should always be referred to as crackers. They have hardly any technical knowledge on networking and high end operating systems. Their sole use of computers is to play games, use the internet for ircing, warez trafficking, credit card fraud, etc. They read about hackers in the papers, or hear about news from their friends, and aspire to be the same. Their false sense of superiority assists in the illusions of being 'elite'.
This mentality causes them to seek hacking tools (including popular trojan software) for their GUI operating systems, and their idea of hacking usually becomes using Trojan software, nuking, DoSing etc. This boasting inspires others in a similar situation and on the same technical level to pursue their quest of becoming a hacker. Their word is spread through their IRC and internet communication channels, and the cycle continues. Many lack the technical capacity to reach the elite level, even after years of studying, training and use of computers. They usually reach the developed kiddie or script kiddie stage and stay there until they retire.

BOASTING

Boasting is undoubtedly one of the key reasons why hackers get caught. Flaunting their actions, your skill level and hacked targets to the electronic underground projects the image of knowledge and "elite"-ness and hence raises your status in the hierarchy, gaining respect and following of the ranks below you. Most hackers do not have the skills to boast about, so they choose the targets carefully. This is their sole method of climbing the hierarchy. Simply, boasting leaves you open to detection and prosecution.

HACKERS HELP THE INDUSTRY

Every major vendor around the world realises that their internal systems are not always going to comb out every flaw or bug in their code. Most of them rely on "wiz"es and "gurus" to find and report them. Therefore, they have set up methods of contacting them regarding any security flaws, exploits, bugs etc. that have been found. It is through such discoveries that we have the improved technologies and software of today. Many initial release software and operating systems were so 'buggy' that vendors have had to, and still, release service packs and update patches to repair them.

These flaws are not always given to the vendor upon discovery. Most of the time, they are kept in the "underground" until someone decides that the vendor should be informed.
Within the underground, exploit code is written which takes advantage of the flaw and gives the user higher access to a vulnerable system. Sometimes this code falls into the 'Lamers' hands and it is used stupidly, causing destruction and spreading chaos. This activity alerts administrators to their actions, and they contact the vendors once they have discovered that a flaw exists and has been used to compromise their system. Upon being contacted, the vendors research their product and the flaw, and release a patch to fix the problem.

HACKER CODE

There is a code of conduct in the hacker community which almost all the true hackers follow. Yes, they have ethics as well. The ethics of true hackers are based loosely on the following (1)

ETHICS

The idea of a "hacker ethic" is perhaps best formulated in Steven Levy's 1984 book, Hackers: Heroes of the Computer Revolution. Levy came up with six tenets:

1. Access to computers - and anything which might teach you something about the way the world works - should be unlimited and total. Always yield to the Hands-On imperative!
2. All information should be free.
3. Mistrust authority - promote decentralization.
4. Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
5. You can create art and beauty on a computer.
6. Computers can change your life for the better.

CODE OF CONDUCT

The following is a general idea of what code true hackers follow, from Scorpio (2)

* Above all else, respect knowledge & freedom of information
* Notify system administrators about any security breaches you encounter
* Do not profit unfairly from a hack
* Do not distribute or collect pirated software
* Never take stupid risks - know your own abilities
* Always be willing to freely share and teach your gained information and methods
* Never hack a system to steal money
* Never give access to someone who might do damage
* Never intentionally delete or damage a file on a computer you hack
* Respect the machine you hack, and treat it like you'd treat your own system

This Ethic and Hackers Code reveal that true hackers in NO POSSIBLE WAY want to cause any damage to computers.

PENALTIES

Hacking is a risky business. The penalties have become so extreme that sometimes, it just doesn't seem worth it. But hackers still put themselves at risk by continuing with their activities, regardless of the risks. The Crimes Act 1914 of Australia states the following:

CRIMES ACT 1914 - SECT 76B
Unlawful access to data in Commonwealth and other computers

(1) A person who intentionally and without authority obtains access to:
    (a) data stored in a Commonwealth computer; or
    (b) data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer;
is guilty of an offence.
Penalty: Imprisonment for 6 months.

(2) A person who:
    (a) with intent to defraud any person and without authority obtains access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; or
    (b) intentionally and without authority obtains access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer, being data that the person knows or ought reasonably to know relates to:
        (i) the security, defence or international relations of Australia;
        (ii) the existence or identity of a confidential source of information relating to the enforcement of a criminal law of the Commonwealth or of a State or Territory;
        (iii) the enforcement of a law of the Commonwealth or of a State or Territory;
        (iv) the protection of public safety;
        (v) the personal affairs of any person;
        (vi) trade secrets;
        (vii) records of a financial institution; or
        (viii) commercial information the disclosure of which could cause advantage or disadvantage to any person;
is guilty of an offence.
Penalty: Imprisonment for 2 years.

(3) A person who:
    (a) has intentionally and without authority obtained access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer;
    (b) after examining part of that data, knows or ought reasonably to know that the part of the data which the person examined relates wholly or partly to any of the matters referred to in paragraph (2)(b); and
    (c) continues to examine that data;
is guilty of an offence.
Penalty for a contravention of this subsection: Imprisonment for 2 years.

CRIMES ACT 1914 - SECT 76C
Damaging data in Commonwealth and other computers

A person who intentionally and without authority or lawful excuse:
    (a) destroys, erases or alters data stored in, or inserts data into, a Commonwealth computer;
    (b) interferes with, or interrupts or obstructs the lawful use of, a Commonwealth computer;
    (c) destroys, erases, alters or adds to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; or
    (d) impedes or prevents access to, or impairs the usefulness or effectiveness of, data stored in a Commonwealth computer or data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer;
is guilty of an offence.
Penalty: Imprisonment for 10 years.

As you can see, damaging data on another computer has a heftier penalty.

"Hacking was about learning how a computer operates. You always tried to push it to the edge. Kids these days, they just want to do any damage they can" - Val Koseroski

CONCLUSION

The IT industry will always be at least one step behind hackers. Vendors will always bring out and will continue to bring out new patches and new software, proclaiming its safety and security. No software and/or system in the world is 100% secure or safe. With the help of hackers, we are discovering new flaws and bugs every day. With these bugs we are building newer and better versions of software to overcome the found flaw... soon after, a new flaw is discovered and the process begins all over again.

The IT industry is not and can not be 100% secure. With the help of hackers, these notions are slowly changing. Without them, technology would not have advanced to today's standards and we would not have the improvements in software which we have today.

To the different ranks of hackers who have read this paper: I hope I have given the corporate world an insight into your society. Sure, I may have offended some, and I apologise. Be careful in what you do.
There is no great joy and superiority in spending time in jail from hacking.

To the corporate world, I hope this paper has cleared up any myths and misconceptions of this electronic underground community, and provided an insight into a secluded world which many people fear to mention, let alone tread.

Knowledge is our greatest asset. Let us use it wisely...

(1) http://grex.org/~cyborg/cp/hacker_ethics.html
(2) Scorpio "My Code of Ethics" http://packetstorm.securify.com/docs/hack/ethics/my.code.of.ethics.html

__________________________________________________________________________________________________________________

[Neo Corporation] http://www.neo.net.au

Gilbert Alaverdian is a Senior Security Consultant at Neo Corporation Pty Limited. Neo is a Sydney based security consultancy firm providing specialised services to corporate clients.

__________________________________________________________________________________________________________________