Is there a Hacker Ethic for 90s Hackers

Is there a Hacker Ethic for 90s Hackers?

Introduction

The goal of this text analysis project was to take the texts of the

computer underground and to analyze them for the presence of a)

knowledge about the Hacker Ethic and b) evolution of that Ethic. Many

writers, such as Steven Levy, bemoan the fact that modern-day hackers

(the computer underground) are not worthy of the name because they do

not live up to the principles of the original Hacker Ethic, and as

unethical individuals, should simply be called "computer terrorists"

or "juvenile delinquents." I sought to examine whether 90s new hackers

knew of the old Hacker Ethic, if they had added anything to it, and

the reasons why they felt they acted differently from their

predecessors. I broadened my text analysis to look at what they saw as

ethical violations, and reasons why some might repudiate the Hacker

Ethic or the idea of having an ethic.

As my text project evolved, I found that after discovering the

existence of a new hacker ethic for new hackers, I was wondering if

people expressing the principles of the new ethic also expressed the

old. I expected that the adoption of a new set of ethics would not

necessarily mean the complete abandonment of the old. This would

establish some continuity between both groups of hackers, and some

familiarity by new hackers with the old ideals. If the hypothesis of

continuity turns out to be true, then new hackers are not as different

from old hackers as authors like Levy (or certain computer security

professionals) might claim. They would then not only have their own

ethics, but also utilize some ethical principles of their

predecessors.

I coded 29 documents from the computer underground online using the

NUD*IST text analysis system. I allowed new codes to emerge from other

codes, based on the sort of interactive text-searching and

investigation process that NUDIST makes possible. I decided to code a

few factors that were not directly relevant to my tests, but could

provide avenues for future investigation. Finally, after coding, I

came up with two tests to look at evidence for continuity between the

old and new hacker ethics.

Who is the Computer Underground?

I define the computer underground as members of the following six

groups. Sometimes I refer to the CU as "90s hackers" or "new hackers,"

as opposed to old hackers, who are hackers (old sense of the term)

from the 60s who subscribed to the original Hacker Ethic. See below.

1. Hackers (Crackers, system intruders) - These are people who

attempt to penetrate security systems on remote computers. This is

the new sense of the term, whereas the old sense of the term

simply referred to a person who was capable of creating hacks, or

elegant, unusual, and unexpected uses of technology. Typical

magazines (both print and online) read by hackers include 2600 and

Iron Feather Journal.

2. Phreaks (Phone Phreakers, Blue Boxers) - These are people who

attempt to use technology to explore and/or control the telephone

system. Originally, this involved the use of "blue boxes" or tone

generators, but as the phone company began using digital instead

of electro-mechanical switches, the phreaks became more like

hackers. Typical magazines read by Phreaks include Phrack, Line

Noize, and New Fone Express.

3. Virus writers (also, creators of Trojans, worms, logic bombs) -

These are people who write code which attempts to a) reproduce

itself on other systems without authorization and b) often has a

side effect, whether that be to display a message, play a prank,

or trash a hard drive. Agents and spiders are essentially

'benevolent' virii, raising the question of how underground this

activity really is. Typical magazines read by Virus writers

include 40HEX.

4. Pirates - Piracy is sort of a non-technical matter. Originally, it

involved breaking copy protection on software, and this activity

was called "cracking." Nowadays, few software vendors use copy

protection, but there are still various minor measures used to

prevent the unauthorized duplication of software. Pirates devote

themselves to thwarting these things and sharing commercial

software freely with their friends. They usually read Pirate

Newsletter and Pirate magazine.

5. Cypherpunks (cryptoanarchists) - Cypherpunks freely distribute the

tools and methods for making use of strong encryption, which is

basically unbreakable except by massive supercomputers. Because

the NSA and FBI cannot break strong encryption (which is the basis

of the PGP or Pretty Good Privacy), programs that employ it are

classified as munitions, and distribution of algorithms that make

use of it is a felony. Some cryptoanarchists advocate strong

encryption as a tool to completely evade the State, by preventing

any access whatsoever to financial or personal information. They

typically read the Cypherpunks mailing list.

6. Anarchists - are committed to distributing illegal (or at least

morally suspect) information, including but not limited to data on

bombmaking, lockpicking, pornography, drug manufacturing, pirate

radio, and cable and satellite TV piracy. In this parlance of the

computer underground, anarchists are less likely to advocate the

overthrow of government than the simple refusal to obey

restrictions on distributing information. They tend to read Cult

of the Dead Cow (CDC) and Activist Times Incorporated (ATI).

7. Cyberpunk - usually some combination of the above, plus interest

in technological self-modification, science fiction of the

Neuromancer genre, and interest in hardware hacking and "street

tech." A youth subculture in its own right, with some overlaps

with the "modern primitive" and "raver" subcultures.

The Documents

These 29 text files come from the following sources: the WELL (Whole

Earth 'Lectronic Link) BBS, the MindVox BBS archives, various other

hacker boards, the Usenet newsgroup alt.2600, World Wide Web HTML

documents, the gopher.eff.org hacking 'zine archive, the

cypherpunks.org ftp site, and a netwide search on documents containing

the search term "hacker ethic." Documents were selected for this study

for relevance, and thus do not constitute a fully randomized sample of

electronic text.

1. Discussion begins

2. An unwritten manifesto?

3. Government ethic

4. Hacker theory to practice

5. The Manifesto

6. The MetaForum

In 1990, the online bulletin board system (BBS) known as the WELL

(Whole Earth 'Lectronic Link) co-hosted a conference with Harper's

magazine to discuss the future of hacking. Old and new hackers

were invited to participate. These are transcripts of the various

postings to the topic headings in the conference.

7. Cracker subculture

8. Hackers wanted

These are transcripts of postings to two other topic headings in

the WELL Hacker Conference forum.

9. Assert your rights

10. Defense of Piracy

11. Revolt

These are three "propaganda" text files by hacker Subvert, where

he attempts to make the moral case for hacking.

12. From Crossbows to Cryptography: Thwarting the State via Technology

13. The Crypto Anarchist Manifesto

These two documents from the cypherpunks ftp archive attempt to

make the case for strong encryption and cryptoanarchy.

14. Pirate

15. Pirate Newsletter

These are two e-zines for pirates.

16. Ethics of Hacking by "dissident"

17. Hack Ethics -- A definition of the hacker ethic from the MIT

"Fishwrap Gallery"

18. Jargon File hacker ethic -- Definition of "hacker ethic" from the

Hacker's Jargon File (online companion to Hacker's Dictionary) 3.0

19. The Hacker's Code of Ethics by "Darkman"

These are four texts which deal directly with ethical issues

pertaining to hacking. Two are simply definition files.

20. CDC -- Cult of the Dead Cow description file

21. Digital Free Press -- a hacker e-zine

22. Emmanuel Goldstein testimony-- Testimony of the 2600 leader before

a Congressional hearing on hacking

23. Hacker Manifesto -- "The Conscience of a Hacker" by Mentor

24. Hacker vs Cracker -- " The Difference between Hackers and

Crackers" by CandyMan

25. Novice's guide to hacking -- A guide by Mentor and the Legion of

Doom (LOD), circa 1989

26. Phrack- Declaration of Grievances of the Electronic Community --

An imitation of the grievances clauses from the Declaration of

Independence, updated for the cyberspace era, containing

complaints about current technology policy.

27. Rebels with a Cause -- A 1994 honors essay by Anthropology student

Tanja Rosteck, containing some transcripts of hacker interviews

and statements.

28. What is hacking? -- Definition file from Hacker's Haven Website

29. The Anarchist's Guide to the BBS -- a description of using BBSes

for CU purposes.

Other miscellaneous files.

The Original Hacker Ethic

Every profession or trade tends to have an ethical code which suggests

that it is capable of self-regulation of its members. The code

demonstrates the shared core values necessary for people to practice

within the professional community. And it enables the public and the

government to have some degree of trust for the profession. Some of

these codes may be very ancient and formalized, such as the

Hippocratic Oath sworn by physicians. Others may be very modern and

legalistic, like the code of ethics for applied or academic

anthropologists. Some ethical systems may be "underground," (such as

the Pirates' Code of 18th century buccaneers or Mafia oaths of

loyalty) enabling members of subcultures or groups to survive,

cooperate, and escape outsiders. Yet others like the original Hacker

Ethic are very informal and simple - rules of thumb to live by.

Groups employ different means of enforcing their ethical systems. Some

provisions are often recognized as simply being archaic and are

ignored. This is why most doctors do not heed the prohibitions in the

Hippocratic Oath against abortion or euthanasia, yet most (but not

all!) believe in the ethical principle of not refusing critical

treatment to a patient who is unable to pay. Other groups (such as

anthropologists) often devise ethical codes simply because they are

forced to by the bad behavior of some of their members in the past,

and their provisions are specifically tailored to probems that have

arisen. Violating some ethical codes can get you banned from the

profession or worse, when professional associations exist to enforce

the regulations; with hackers, breaking the Hacker Ethic seems to

result mostly in anathema or social ostracization, a time-honored

method of social control.

The original Hacker Ethic was sort of an impromptu, informal ethical

code developed by the original hackers of MIT and Stanford (SAIL) in

the 50s and 60s. These "hackers" were the first generation of

programmers, employing time-sharing terminal access to 'dumb'

mainframes, and they often confronted various sorts of bureaucratic

interference that prevented them from exploring fully how

technological systems (computers, but also model trains, university

steam tunnels, university phone systems, etc.) worked. The ethic

reflects their resistance to these obstacles, and their ideology of

the liberatory power of technology. The six principles of the Hacker

Ethic are listed below, with some text samples showing where it

appears within these documents.

A concise summation of it can be found in Steven Levy's 1984 book

Hackers: Heroes of the Computer Revolution. Levy suggested that

because of their Ethic and their unconventional style, hackers like

Jobs and Wozniak were able to launch the "computer revolution,"

resulting in the first personal computer (the Apple) which was easy to

use and which put programming power in the individual's hands. Here I

cite documents from my sample which reiterate some of its principles.

1. Hands On Imperative: Access to computers and hardware should be

complete and total. It is asserted to be a categorical imperative

to remove any barriers between people and the use and

understanding of any technology, no matter how large, complex,

dangerous, labyrinthine, proprietary, or powerful.

As we can see, this has not been the case. The computer system has

been solely in the hands of big businesses and the government. The

wonderful device meant to enrich life has become a weapon which

dehumanizes people. To the government and large businesses, people

are no more than disk space, and the government doesn't use

computers to arrange aid for the poor, but to control nuclear death

weapons. The average American can only have access to a small

microcomputer which is worth only a fraction of what they pay for

it. The businesses keep the true state of the art equipment away

from the people behind a steel wall of incredibly high prices and

bureaucracy. It is because of this state of affairs that hacking

was born. ("Doctor Crash", 1986)[1]

2. "Information Wants to Be Free" "Information wants to be free" can

be interpreted in three ways. Free might mean without restrictions

(freedom of movement = no censorship), without control (freedom of

change/evolution = no ownership or authorship, no intellectual

property), or without monetary value (no cost.) Some hackers even

take this to mean information is alive, free to act on its own

agency, as viruses, genetic algorithms, 'bots and other software

programs do. Most hackers seem to advocate this principle in

different senses of the word "free" at different times. In any

case, when asked about the content of the Hacker Ethic, most

people assert this as the key principle.

There is much knowledge that is disallowed, hidden. Government

activities, corporate crime, and "illegitimate" information needs

to be disseminated. People without access to technology need it -

they can contribute to the world. Distributing this information is

illegal, potentially dangerous. This, in my humble opinion, is the

best use of hacked accounts. Obtaining information, disseminating

information needs anonymity. This protects your hide. This is

important. Whistle blowers are only silenced when their identity is

known...

_____________________________________________________________

Access to information

Yes, access is a right you have. You need to know when the

government is killing people, radiating them, listening to them,

lying to them, lying to you. You have a right to gain access to

information about OUR government. This government is supposedly of

the people, by the people, power granted by a social contract.[2]

3. Mistrust Authority. Promote decentralization. This element of the

ethic shows its strong anarchistic, individualistic, and

libertarian nature. Hackers have always shown distrust toward

large institutions, including but not limited to the State,

corporations, and computer administrative bureaucracies (the IBM

'priesthood'). Tools like the PC are said to move power away from

large organizations (who use mainframes) and put them in the hands

of the 'little guy' user. Nowhere is this ethos stronger than

among the anti-statist cypherpunks and extropians.

In fact, technology represents one of the most promising avenues

available for re-capturing our freedoms from those who have stolen

them. By its very nature, it favors the bright (who can put it to

use) over the dull (who cannot). It favors the adaptable (who are

quick to see the merit of the new (over the sluggish, who cling to

time-tested ways). And what two better words are there to describe

government bureaucracy than "dull" and "sluggish"?[3]

_____________________________________________________________

The State will of course try to slow or halt the spread of this

technology, citing national security concerns, use of the

technology by drug dealers and tax evaders, and fears of societal

disintegration. Many of these concerns will be valid; crypto

anarchy will allow national secrets to be traded freely and will

allow illicit and stolen materials to be traded. An anonymous

computerized market will even make possible abhorrent markets for

assassinations and extortion. Various criminal and foreign elements

will be active users of CryptoNet. But this will not halt the

spread of cryptoanarchy.[4]

4. No Bogus Criteria: Hackers should be judged by their hacking, not

by "bogus criteria" such as race, age, sex, or position. Nowhere

is this ethos more apparent than in the strong embrace by most

hackers of the levelling power of the Internet, where anonymity

makes it possible for all such 'variables' about a person to

remain unknown, and where their ideas must be judged on their

merits alone since such contextual factors are not available.

The Internet is one of the best hacks the world has to offer. It

has continually shattered deeply ingrained social prejudices

concerning characteristics such as age, race, wealth, and sex. In

fact, it is common to find 14 year olds arguing philosophy with 41

year olds on America's computer networks![5]

5. "You can create truth and beauty on a computer." Hacking is

equated with artistry and creativity. Furthermore, this element of

the ethos raises it to the level of philosophy (as opposed to

simple pragmatism), which (at least in some quarters) is about

humanity's search for the good, the true, and the beautiful.

Without question, good/great programming (hacking) is art and as

with art each person has their own signature and style (which

changes over time). Quite a few years ago I was reviewing some

derivative works of one hacker, and found the lack of signature and

style of the original.[6]

6. "Computers can change your life for the better." In some ways,

this last statement really is simply a corollary of the previous

one. Since most of humanity desires things that are good, true,

and/or beautiful, the fact that a computer can create such things

would seem to mean that axiomatically it can change peoples' lives

for the better. However, this is merely a declarative statement,

which like the previous one reflects a deep-felt love of

technology. It does not state explicitly that computers should

always change peoples' lives for the better, or the principle that

would follow from that, which is that it is unethical to use them

to make peoples' lives worse. .. Many hackers see the Internet as

an immense positive force, and this reiterated again by hacker

Emmanuel Goldstein --

The future holds such enormous potential. It is vital that we not

succumb to our fears and allow our democratic ideals and privacy

values to be shattered. In many ways, the world of cyberspace is

more real than the real world itself. I say this because it is only

within the virtual world that people are really free to be

themselves - to speak without fear of reprisal, to be anonymous if

they so choose, to participate in a dialogue where one is judged by

the merits of their words, not the color of their skin or the

timbre of their voice. Contrast this to our existing "real" world

where we often have people sized up before they even utter a word.

The Internet has evolved, on its own volition, to become a true

bastion of worldwide democracy. It is the obligation of this

committee, and of governments throughout the world, not to stand in

its way.[7]

Thus, the ethical principles of the Hacker Ethic suggest it is the

ethical duty of the hacker to remove barriers, liberate information,

decentralize power, honor people based on their ability, and create

things that are good and life-enhancing through computers. It remains

an open question (of interpretation) as to whether it advocates the

free distribution of software (the GNU/Richard Stallman position), the

injunction against using computers for malicious purposes (the

Clifford Stoll position), or the need for secure networks based on

trust (the Steven Levy position.) Each of these document samples show

that new hackers are aware of, and advocate (whether intentionally or

accidentally) elements of the original Hacker Ethic.

New Hacker Ethic

From my documents, I found that there is a new hacker ethic which 90s

hackers live by. There are fragments of continuity from the old hacker

ethic, as one can see. The new ethic appears to have developed like

the old one, informally and by processes of mutual reinforcement. The

new ethic seems to contain some ambiguities (like the old one) and a

few contradictions. This may be due to the fact that its practicioners

are more numerous and more dispersed than the original 60s hackers.

1. "Above all else, do no harm" Do not damage computers or data if at

all possible. Much like the key element of the Hippocratic Oath.

According to the "hacker ethic," a hack must: * be safe

* not damage anything

* not damage anyone, either physically, mentally or emotionally

* be funny, at least to most of the people who experience it

[8]

_________________________________________________________________

It is against hacker ethics to alter any data aside from the logs

that are needed to clean their tracks. They have no need or desire

to destroy data as the malicious crackers. They are there to

explore the system and learn more. The hacker has a constant

yearning and thirst for knowledge that increases in intensity as

their journey progresses.[9]

_________________________________________________________________

2. The belief that system-cracking for fun and exploration is

ethically OK as long as the cracker commits no theft, vandalism, or

breach of confidentiality.[10]

Of course, the key problem with this ethical position is its stance on

intent. One should not damage data deliberately. But what if, as often

happens in hacking attempts, one accidentally erases or alters data

while trying to alter system log files or user records? Is that an

ethical violation? Also, the question of what constitutes "harm" is

left open. Most hackers seem to see pranks and practical jokes as

harmless, regardless of their psychological impact. Yet their victims

may not feel these are so 'harmless,' especially if this causes them

to lose valuable time or effort.

Protect Privacy People have a right to privacy, which means control

over their own personal (or even familial) information. Privacy rights

are notably missing from the U.S. Constitution, but they have been

brought to the forefront of modern legal argument due to the growing

surveillance power of technology. There still is no codified right to

privacy for U.S. citizens, although the Supreme Court has ruled that

it is contained implicitly in its judgements legalizing the

distribution of birth control and the right to first-trimester

abortion.

How far do privacy rights go, however? Do people also have an

intrinsic right to online anonymity? Do I have the right to conceal my

health status, criminal record, or sexuality from my employer? Are

some people (politicians, celebrities, etc.) entitled to less privacy

than others? Does my social security number, credit history, or

telephone number belong only to me? Further, the strange thing about

hackers asserting a right to privacy is that it declares a certain

kind of information to not be free. Thus, in some ways this is a

contradiction to the original hacker ethic.

Your right to Privacy

Privacy is a right we beleive we have. Unfortunately privacy is not

explicitately protected in the constitution. Our consitution is

dated in that respect, there weren't the threats to privacy then as

there are now. Technology is truly a double-edged sword. The

abscense of privacy provisions in the constitution does not make it

any less important. Indeed, the lack of constitutional protections

have allowed our privacy to be gravely threatened.[11]

_________________________________________________________________

The concept of privacy is something that is very important to a

hacker. This is so because hackers know how fragile privacy is in

today's world. Wherever possible we encourage people to protect

their directories, encrypt their electronic mail, not use cellular

phones, and whatever else it takes to keep their lives to

themselves. In 1984 hackers were instrumental in showing the world

how TRW kept credit files on millions of Americans. Most people had

never even heard of a credit file until this happened. Passwords

were very poorly guarded - in fact, credit reports had the password

printed on the credit report itself.[12]

The second argument is an interesting one. The problem most hackers

had with TRW is not they kept files on most peoples' credit histories

without their knowledge (thus they couldn't see if they contained any

errors), and it was on that (unknown) basis that they were denied

loans, credit cards, mortgages, etc. It was that those files were

insecure.

"Waste not, want not." Computer resources should not lie idle and

wasted. It's ethically wrong to keep people out of systems when they

could be using them during idle time. This is what some people call

the "joy riders' ethic." If you borrow someone's car, and return it

with no damage, a full tank of gas, and perhaps even some suggestions

for improved performance, have you not done them a favor? Especially

if they never know you borrowed it in the first place for a few road

trips? Isn't it wasting that precious engine power to leave the car in

a parking spot while somebody else could be using it for a grocery

trip? (Is it an ethical violation to borrow the car and make a set of

keys for yourself so you can borrow it whenever you feel like? This

is, after all, what most hackers do when they give themselves sysadmin

privileges.) Yet most are possessive over the use of their own

personal computer.

The hacker ethics involves several things. One of these is avoiding

waste. Over the internet, we have about a quarter million computers

each of which is virtually unused for 10 hours a day. A true hacker

seeing something useful that he could do with terraflops of

computing power that would otherwise be wasted might would request

permission to use these machines and would probably go ahead and

use them even if permission was denied. In doing so, he would take

the greatest possible precautions to not damage the system.[13]

Exceed Limitations Hacking is about the continual transcendence of

problem limitations. Some old hackers assert this principle, as an

informal seventh addition to the original Ethic. Telling a hacker

something can't be done, is a moral imperative for him to try.

"Extropians" believe there is a universal force of expansion and

growth, inverse to entropy, which they call "extropy." Hacking is seen

as extropian because it always seeks to surpass current limits.

Technology is seen as a necessarily exponential force of growth.

Limitations must be overcome. For some hackers, these limitations

might be unjust laws or outdated moral codes.

To become free it may be necessary to break free from medieval

morality, break unjust laws, and be a disloyal employee. Some may

call you an disloyal, sinful criminal. To be free in a room of

slaves is demoralizing. Free your fellow man, give him the tools,

the knowledge to fight oppression. Do not infringe on others'

rights.[14]

The Communicational Imperative People have the right to communicate

and associate with their peers freely. The United Nations

International Telecommunications Union (ITU) has stated in many

conferences that this should be a fundamental human right, with which

no nation should ever interfere. The sweeping freedoms given to

amateur radio hobbyists internationally reflect this belief. Globally,

it remains a significant moral problem, in that most developing

nations lack the infrastructure to grant this right. Various UN

reports have shown that despite the rhetoric, many Third World nations

do not have access to the "global" information superhighway because

they lack "onramps." Their telecommunications infrastructure is

lacking.

Most hackers strongly support the 1st amendments' rights to

communication and assembly, since these are necessary for the free

flow of information. Phreakers take this a step beyond, however, in

asserting that people should have the right to communicate with each

other cheaply (thus poor people have as much right to talk on the

phone long distance as the rest of us) and easily . When

telecommunications companies are an obstacle to this right to

communicate, phreaking (blue boxing the phone system, making

unauthorized 'bridge' conference calls, using empty voicemail boxes,

etc.) is said to be the answer.

The Right to communicate

Communicate!

This is our strongest right, and our most crucial. There mere fact

that this page is allowed to exist is proof that our 1st amendment

has not crumbled completely. Despite the governmental protection,

there are threats to our freedom to communicate.[15]

Leave No Traces Don't leave a trail or trace of your presence; don't

call attention to yourself or your exploits. Keep quiet, so everyone

can enjoy what you have. This is an ethical principle, in that the

hacker follows it not only for his own self-interest, but also to

protect other hackers from being caught or losing access. Such a

principle can be found among various criminal or underground

organizations. Of course, there is a contradiction between asserting a

need for secrecy (as well as privacy), and the need for unrestricted

information.

The rules a Hacker lives by:

1. Keep a low profile.

2. If suspected, keep a lower profile.

3. If accused, deny it.

4. If caught, plea the 5th.[16]

Share! Information increases in value by sharing it with the maximum

number of people; don't hoard, don't hide. Just because it wants to be

free, does not mean necessarily you must give it to as many people as

possible. This principle can be seen as an elaboration on an original

ethical principle. The Pirates' ethic is that piracy increases

interest in software, by giving people a chance to try it out and

experiment with it before paying for it. So sharing software with your

friends is a good thing.

Pirates SHARE warez to learn, trade information, and have fun! But,

being a pirate is more than swapping warez. It's a life style and a

passion. The office worker or class mate who brings in a disk with

a few files is not necessarily a pirate any more than a friend

laying a copy of the lastest Depeche Mode album on you is a pirate.

The *TRUE* pirate is plugged into a larger group of people who

share similar interests in warez. This is usually done through

Bulletin Board Systems (BBSs), and the rule of thumb is "you gotta

give a little to get a little...ya gets back what ya gives."

Pirates are NOT freeloaders, and only lamerz think they get

something for nothing.[17]

Self Defense against a Cyberpunk Future Hacking and viruses are

necessary to protect people from a possible 1984/cyberpunk dystopian

future, or even in the present from the growing power of government

and corporations. It's a moral imperative to use hacking as the

equivalent of 'jujitsu,' allowing the individual to overcome larger,

more impersonal, more powerful forces that can control their lives. If

governments and corporations know they can be hacked, then they will

not overstep their power to afflict the citizenry.

I believe, before it's all over, that the War between those who

love liberty and the control freaks who have been waiting for to

rid America of all that constitutional mollycoddling called the

Bill of Rights, will escalate.

Should that come to pass, I will want to use every available method

to vex and confuse the eyes and ears of surveillance. Viruses could

become the necessary defense against a government that fears your

computer.[18]

What's interesting is that this principle recognizes and asserts that

it's not only possible but also likely for computers to have a dark

side and to be used for purposes other than truth and beauty, and that

we need to be wary of technology, or at least technology in the wrong

hands.

Hacking Helps Security This could be called the "Tiger team ethic":

it is useful and courteous to find security holes, and then tell

people how to fix them. Hacking is a positive force, because it shows

people how to mend weak security, or in some cases to recognize and

accept that total security is unattainable, without drastic sacrifice.

Sense 2 is more controversial: some people consider the act of

cracking itself to be unethical, like breaking and entering. But

the belief that `ethical' cracking excludes destruction at least

moderates the behavior of people who see themselves as `benign'

crackers (see also samurai). Based on this view, it may be one of

the highest forms of hackerly courtesy to (a) break into a system,

and then (b) explain to the sysop, preferably by email from a

superuser account, exactly how it was done and how the hole can be

plugged --- acting as an unpaid (and unsolicited) tiger team.[19]

Many software companies today, including Lotus, regularly use tiger

teams to test their security systems. So, this ethical principle seems

to be agreed upon by some members of the industry -- to a certain

extent. Even Lotus does not want its systems being tested by hackers

who are not under its employ or control.

Trust, but Test! You must constantly test the integrity of systems

and find ways to improve them. Do not leave their maintenance and

schematics to others; understand fully the systems you use or which

affect you. If you can exploit certain systems (such as the telephone

network) in ways that their creators never intended or anticipated,

that's all to the better. This could help them create better systems.

One of those systems that may require constant revision, testing, and

adjustment, apparently, is constitutional democracy.

Democracy is always being tested -- it's an inherent part of what

it stands for. whether it's flag burners, gay activists, klansmen,

or computer hackers, we're always testing the system to see if it

holds up to pressure. i stress that this is NOT an end iwe do

because it interests us, but in the bigger picture we're actually

testing the sincerity of the democratic system, whether we're aware

of it or not.[20]

One of the most important manuals for British hackers was called

"beating the system." The essential argument is that as systems (like

the phone network) become more and more complex, they become

impossible to manage from a centralized office. Hacking at the edges

of the system not only becomes possible, in some cases it becomes

necessary. It becomes an ethical imperative to test the system, lest

it fail when it is most needed (like the AT & T phone switches did in

1990.)

So, in short, the new hacker ethic suggests that it is the ethical

duty of new hackers (or the CU), to : 1) protect data and hardware 2)

respect and protect privacy 3) utilize what is being wasted by others

4) exceed unnecessary restrictions 5) promote peoples' right to

communicate 6) leave no traces 7) share data and software 8) be

vigilant against cyber-tyranny and 9) test security and system

integrity of computer systems.

Violations/Transgressions

These could be considered the "thou shalt nots" of the new hacker

ethic, as opposed to its affirmative "you shoulds." Some of these

transgressions of the hacker ethic are already implied by some of its

basic affirmative principles. We can get an idea of what hackers

believe they should do, based on what they reject as unsuitable

activities of their peers.

1. Bootlegging Commercialism; selling pirated software; hacking for

profit; selling out. Bootlegging violates the new ethic of sharing

and the original hacker ethic which eschewed profit (and embraced

personal satisfaction) as a reason for creating software (hence

the existence of Richard Stallman's GNU Free Software Foundation.)

On occasion the possibility of making a profit from these advances

tempts hackers into commercialism. On other occasions, they see

commercialism as the only way to get their work into the hands of

the masses. When they succeed they become rich, and usually get

moved further and further from hacker life and more and more into

paperwork and then don't live happily ever after.[21]

_____________________________________________________________

Bootleggers are to pirates as a chop-shop is to a home auto

mechanic. Bootleggers are people who DEAL stolen merchandise for

personal gain. Bootleggers are crooks. They sell stolen goods.

Pirates are not crooks, and most pirates consider bootleggers to be

lower life forms than child molesters.[22]

Bootlegging seems to contradict new hacker ethic 7, share!

2. Freeloading Always taking and never contributing. Profitting from

other peoples' efforts without adding to them. "Warez d00dz" and

"Codez d00dz" who are hunting for free software or phone codes

without offering anything in return (a hack, a number, whatever)

are looked down upon. Hoarding and refusing to tell others about

your hacks are seen as wrong. This also violates the new ethic of

sharing.

In fact, pirates may be one of the best forms of advertising for

quality products, because sharing allows a shop-around method for

buying warez. Most of us buy a program for the documents and the

support, but why invest in four or five similar programs if we

aren't sure which best suits our needs? Nah, pirates aren't

freeloaders. We are against freeloading.[23]

3. Trashing Crashing systems; destroying hardware; hurting other

users; malicious vandalism; irreversible damaging or destroying of

data; unleashing destructive viruses, Trojans, logic bombs.

Prankful (non-harmless) games with users and sysops and systems is

acceptable... This is seen as the obvious corollary of the new

ethic to "do no harm."

I. Do not intentionally damage *any* system. Trashing BBSes is

wrong, plain and simple.

II. Do not alter any system files other than ones needed to ensure

your escape from detection and your future access (Trojan Horses,

Altering Logs, and the like are all necessary to your survival for

as long as possible.)[24]

_____________________________________________________________

The one thing I hate, is the way some self-appointed hackers find

there way into a system, and ruin the name of the rest of us by

destroying everything they can find. Now that is pathetic. First of

all, as I said, it ruins the name of the rest of us. Thus, once

again, the "Destructive Computer User" Stereotype... A board

crasher is no more a "hacker" than my grandmother is.[25]

4. Excessive Selfishness Self interest overrules any concern for

other hackers whatsoever. This violation implies others... once

again, we run into the strange divide at the heart of the Hacker

Ethic, which is deeply individualistic, yet also fiercely

communal. Individuals are expected to be highly self-motivated,

but not selfish.

I think you'd be less agitated if you define your categories as

hackers and criminals. The former are in it to explore and the

latter are in it for themselves and nothing else. Of course, some

hackers do break laws on occasion but I don't think that

necessarily turns them into criminals, at least not in the moral

sense.[26]

_____________________________________________________________

Also, some hackers have this massive ego problem... I must name one

here, for that problem, and he is Corporal Punishment... I have had

numerous run-ins with this guy. He seems to think he is a God,

constantly running everyone into the ground. He even went as far as

saying "PHRACK sucks!" But he isn't the only one with that

problem... Some feel that if they put others down, they will

elevate to a higher level. Sorry to burst you bubble guys, but your

only viewed as massive ego-maniacs that deserve nothing less than

being run down yourselves...[27]

_____________________________________________________________

Let us not forget that hackers, crackers, chippers, crunchers, and

whatnot all have ego, and one thing that bothers me about using the

Hacker Ethic to describe people is that ego and self-interest are

not accounted for. How else can you explain crackers selling

pirated software, otherwise intelligent people distributing viruses

to the general public in hope of causing maximum damage to other

users, or hackers breaking into some system and erasing files for

laughs? People break into computers because it's fun and it makes

one feel powerful, not because there is untapped power waiting to

be used if only the right programming "wizard" comes along.[28]

5. The (Selective) Anti-Stealing Ethic Information, services, and

software are not property; hardware, physical property, money, and

monetary services (credit cards, digital cash, phone card numbers)

are. Theft of these is still wrong. Also, the target makes a

difference. Stealing phone service (say, voicemail boxes) from a

large institution like a corporation or the government is OK.

Stealing it from an individual or a small nonprofit is not.

Thus the new hacker ethic, according to its propagandists, does

not embrace theft; instead it simply defines certain things (like

information) as not being personal property, or certain actions

(using phone service) as "borrowing" rather than theft.

So where is the boundary between the hacker world and the criminal

world? To me, it has always been in the same place. We know that

it's wrong to steal tangible objects. We know that it's wrong to

vandalize. We know that it's wrong to invade somebody's privacy.

Not one of these elements is part of the hacker world.[29]

6. Bragging Calling too much attention to oneself. It is acceptable

('elite') to brag in private hacker circles, unacceptable to brag

or make taunts and dares to sysops, law enforcement, or

authorities, or in any public forum where they tend to listen.

Some hackers even consider the first unacceptable, since hacker

boards are monitored by the Secret Service as well. Bragging and

boasting to the media or other non-hackers violates the ethic of

'leave no trace' and keeping a low profile.

Bragging after a neat hack may seem like the natural thing to do.

But just remember that it can only call attention to yourself, and

not everyone who pays attention to hackers are admirers. You may

jeopardize your friends and anyone else who ever accesses the same

system as you.[30]

_____________________________________________________________

True hackers are quiet. I don't mean they talk at about .5 dB, I

mean they keep their mouths shut and don't brag. The number one

killer of those the media would have us call hackers is bragging.

You tell a friend, or you run your mouth on a board, and sooner or

later people in power will find out what you did, who you are, and

you're gone...[31]

7. Spying Snooping, monitoring of people, and invading their privacy

is wrong... so therefore is reading private e-mail, etc. This

follows from the new hacker ethic which sees privacy as a

fundamental right. However, part of the hacker praxis is about

finding out passwords and security holes from users, whether

through "social engineering" or simple snooping and "sniffing."

This is the contradiction, once again, of embracing privacy but

also insisting on unrestricted information.

Some crackers are using computers in the exact *opposite* way that

the first hackers intended them: first, by restricting the

unimpeded and unmonitored flow of information through the computer

networks and phone lines; and second, by using computers to monitor

people, by intrusive methods of information-gathering.[32]

8. Narcing It is wrong to turn other hackers in. This part of their

ethical code is not different from many other criminal

organizations or subcultures, such as prison inmates, drug

addicts, prostitutes, etc., or even 'above-ground' subcultures

such as police departments. ("code of silence.") However, this

code has special meaning for hackers, since many ex-hackers often

decide to become computer security personnel later in life. Many

of their peers consider this 'selling out.'

There's no lower form of life than the narc. Hackers who go and rat

on other hackers are scum. They get lots of promises of immunity

and stuff if they turn in all their friends. Some hackers get back

at other people by turning them into the feds. This is wrong, and

it only damages the hacker community. We need to stick together,

because nobody else is really on our side.[33]

_____________________________________________________________

The last thing I will mention, will be hackers turning in other

hackers to federal crime agencies, or to the PhoneCorp security

offices, or any other type of company that deals with computer

related phraud. This activity, refered to as Narcing, is getting to

be too popular for a hackers good... You may be saying, " Come on,

no hacker in they're right mind would turn another on in ". And

your right... It's once again those self proclaimed hackers, or the

ones who think they are who will do this to get "Even"...[34]

We can then see that new hackers do believe certain things are wrong -

and people who commit these actions are frowned upon and often

prevented from being recognized by the hacker community. Many of the

things new hackers reject, would also be rejected by the community of

old hackers.

Reasons for Change

I coded various "emic" explanations in these texts for why some people

felt the Hacker Ethic had changed. These could potentially provide the

basis for looking for some interesting etic, measurable variables.

1. "More Stuff" Computers are more numerous, more powerful, more

networked, more distributed, more important, more widespread. More

power over society = more corruption, more incentive.

So the process of society adopting a new technology BY DEFINITION

must include the removal of all idealistic motivations originally

present in the promoters of the technology. Computers are power,

and direct contact with power can bring out the best or the worst

in a person. The Hacker Ethic is simply the ideal case: it's

tempting to think that everyone exposed to the technology will be

so grandly inspired, but alas, it just ain't so.

The "hacker ethic" was unnoticed before because fiddling with large

complex systems was so difficult until recently. There have always

been basement tinkers and young pranksters but their explorations

were very local. Once we are all connected, the work of these

investigators ripple through the world we have constructed and

affect us.[35]

_____________________________________________________________

We live in the age of computers. Everything is controlled by

massive mainframes; Our water distribution system, rail-road

control, airline control, electricity control, telephone companies,

etc, etc, etc... Imagine the fun someone can have in one of those

systems!!! Just the fact of getting in them can sometimes be a

major accomplishment. But my point is, what people do once they are

in...[36]

2. Society Society has changed for the worse. Either the old hackers

lived in a more sheltered, supportive, rewarding environment (the

MIT lab where they had access to everything they could ever want,

plus recognition from their mentors and peers), or they simply

lived in a larger society (the U.S. of the 50s) which was more

based on trust, honesty, etc., and that is why their behavior was

different. This might be the sort of sociological explanation

found in a sociology textbook.

PANTY RAIDS: When panty raids meet biotech it may be time to adapt

new rituals; or the cracker phenomena is more complex then that and

has at least something to do with increased levels of social

alienation and how the street finds its own use for things.[37]

_____________________________________________________________

It is my contention that hackers did not change. Society changed,

and it changed for the worse. The environment the early hackers

were working in rewarded them for their mischief and their desire

to experiment and try new things.[38]

3. The Computer Industry has Sold Out

The computer industry sold out; no commercial software developers

today believe in the Hacker Ethic either. They patent software,

copy-protect programs, lock up data and algorithms. New hackers

are merely responding to the times. They wouldn't have to do what

they have to do if the computer industry believed in open

standards and systems and free source code.

And yet, in practice, I can't help but conclude that the computer

revolution is over, and that the people lost. The computer

community is driven now not by a lust for knowledge but by a lust

for money. What were fledgling companies of wild-eyed programmers

sharing knowledge and feeding on each other's ideas have become

corporate behemoths, run by suits and ties, and copyright lawyers,

and the bottom line.[39]

4. Generational Change Hackers, like other youth of their generation

("generation X"), are more alienated, more pessimistic, more

self-centered, more thoughtless, more careless, more pragmatic,

etc. It's not that society, technology, or computing practices

changed; it's just that new hackers come from a generation which

was raised differently from its predecessors and was exposed to

different influences.

It's like you sometimes see in the media - 'GenX' is more in it for

themselves, more likely to try and get ahead through using

information from any which way, and more often see themselves as

getting screwed over by their elders ... so it's not surprising

that they don't have the same attitudes as Baby Boomer hackers.[40]

A future research project might be to try and turn these into etic

variables. If one could operationalize and measure "level of

alienation" for the authors of these texts, it might turn out to be a

causal factor for "level of adherence to the Hacker Ethic," which

would be the degree to which the person espouses the old or new Hacker

ethics. Or one could try and correlate changes in the Hacker Ethic

with changes in computing practices or level of intensification of

computer use.

Repudiations

It's interesting to examine the ways in which 90s hackers often

repudiate the original Hacker Ethic, or the possibility of embracing

any Ethic at all. These are based on some items I coded in the texts,

and other mentions found on the Net.

1. Fraud "The hacker ethic is a fraud" perpetrated by the original

hackers. It's too idealistic to possibly work in the real world.

But the Hacker Ethic is also a fraud. It is a fraud because there

is nothing magical about computers that causes one of its users or

owners to undergo religious conversions and devote themselves to

use of the computer for the betterment of the public good. Early

automobile enthusiasts were tinkerers, inventors, people with a

dream building motorized transportation. Then the new invention

became popular and the elite used it to drive around in luxury.

Then the new invention became accessible, and for many, necessary

for survival. Now we have traffic jams, drunk drivers, air

pollution, and suburban sprawl. Whatever magic still present in the

use of the automobile occasionally surfaces, but we possess no

delusions that it automatically invades the consciousness of

everyone who sits behind the wheel.[41]

2. Individualism Individualistic loners don't tend to subcribe to

communal ethics. Many hackers argue that hacking is by nature

oriented toward individualism rather than "groupthink," and thus

the community of hackers is one of mutually reinforcing

self-interest rather than any true form of fellowship or common

ideology.

3. Many, not one There is no one single hacker ethic; in the extreme

position, every hacker has their own ethic.

I think the problem we're all having is the fact that everyone is

deluding themselves thinking there is only ONE 'hacker ethic'. The

truth of the matter is, everyone has their *OWN* hacker 'ethic'. To

say that we all think the same way is foolish.[42]

4. Anti-professionalism Ethics are usually professional standards; by

their very nature hackers are anti-professional and tend to make

up the rules as they go along. Creating a professional, formalized

code for hackers would mean the end of hacking.

5. Natural Evolution The hacker ethic, like any belief system, must

evolve over time; it's foolish to assume anyone could maintain the

same ethics when everything else (especially technology) changes

so rapidly.

In exploring some of the factors that lead to rejection of the

original Hacker Ethic, we might be able to understand better why

certain hackers do embrace either the old or new one or a combination

of both.

Investigations of Patterns

I did two index tree searches of the NUDIST tree-index to examine my

hypothesis of continuity between the 60s and 90s hackers.

Report 1

This was simply an index search where I told NUDIST to identify the

number of documents which contained codes from both the old and new

hacker ethics' subcodes. Any document which contained one or more

codes from both sets of ethical codes was considered a 'hit,'

indicating knowledge of (if not practice) of both systems. The results

were: retrievals in 15 out of 29 documents or 52 percent. This seems

to be statistically significant, and it is unlikely that hackers would

express elements of both ethical systems purely by chance unless they

were aware of both.

Report 2

I generated a matrix of overlapping documents for the Hacker Ethics

(old and new). This identifies where codes co-occur within the same

text units (as opposed to elsewhere in the same text) and in which

documents.

1 1 1 2 1 3 1 4 1 5 1 6

2 1 24 24, 18

2 2

2 3

2 4

2 5

2 6

2 7

2 8 27 27

2 9

2 10

In document 24, "hacker vs. cracker," we see the co-occurence of the

old hacker ethic of "total access" and the new hacker ethic of "do no

harm," as well as the co-occurence of "information wants to be free"

with "do no harm." In document 18, "Hacker ethic jargon file," we see

the co-occurence of these same sentiments. And in document 27, "Rebels

with a cause," we see the co-occurence of "self defense" with

"information wants to be free" and "computers can change your life for

the better."

Apparently, while hackers may express principles of both hacker

ethics, they are unlikely to do so at the same time or within the same

thought. Co-occurence within the same text unit did not occur very

often - only 3 out of 29 documents.

Conclusions - areas for future research

I feel it safe to say that I can conclude a few basic facts from this

early effort at text analysis. Mostly, I have a basis for a good deal

of future research. I might be able to state more, if I had access to

more documents or more information about their authors beyond their

"handles."

1. New 90s hackers are not unethical. They are not unaware of the

original Hacker Ethic. They have their own ethical system which

combines elements of the old 60s Hacker Ethic with some new

innovations (the new hacker ethic.) The fact that ethics are

important to these hackers is suggested by the fact that they

anethematize "crackers" and "dark side" hackers for transgressions

which violate the spirit of their ethics.

2. There are four interesting areas of investigation for looking into

the changes between the old and new Hacker Ethic. Measurement of

changes in computer technology, social indicators, computer

industry practices, and generational demographics might provide

variables which covary with, and possibly even explain, the

changes in this ideological system.

3. Some new hackers do repudiate the original Hacker Ethic or the

possibility of having an ethic at all. It would be interesting to

find out what aspects of their profiles (age, background,

experience, gender, social class, etc.) correlate with whether or

not they repudiate it and why. There should be some way to predict

whether or not a hacker is likely to embrace the ethic, and how

much they fidelity to it they will demonstrate.

4. The (old and new) Hacker Ethic is not totally idiosyncratic.

Elements of it are similar to principles advocated by American

culture and its "democratic" constitutional and informal ideals;

the ethical codes of professional organizations such as academics,

doctors, and lawyers; the ethical systems of "underground" and

marginalized groups such as addicts, prostitutes, homeless people,

etc.; and traditional ethical precepts of philosophy (such as the

Golden Rule or Kantian categorical imperative.) Hackers are not

alone in wanting privacy, knowledge, or community.

5. The similarity between the old and new hacker ethics suggest that

the new hackers did not emerge out of a distinct "tradition" from

the old hackers. Ethical continuity suggests some demographic

continuity. The 60s and 90s hackers may not be all that different,

despite the fact that the 60s hackers consider the 90s hackers to

be less deserving of the mantle of the term "hacker."

Text Sources

1. Rebels with a Cause

2. Revolt

3. From Crossbows to Crypto

4. Cryptoanarchist Manifesto

5. Declaration of Grievances of the Electronic Community

6. The Manifesto

7. Emmanuel Goldstein Testimony

8. Hack Ethics

9. Hacker vs. Cracker

10. Jargon file - hacker ethic

11. Assert your rights

12. Emmanuel Goldstein testimony

13. Discussion begins

14. Revolt

15. Assert your rights

16. What is hacking?

17. Pirate Newsletter

18. Government ethic

19. Jargon file - hacker ethic

20. The Manifesto

21. Discussion begins

22. Pirate Newsletter

23. Pirate Newsletter

24. Novice's guide to hacking

25. The Hacker's Code of Ethics

26. Cracker subculture

27. The Hacker's Code of Ethics

28. The Manifesto

29. Emmanuel Goldstein testimony

30. What is hacking?

31. Ethics of Hacking

32. Government ethic

33. What is hacking?

34. The Hacker's Code of Ethics

35. Discussion begins

36. The Hacker's Code of Ethics

37. Cracker subculture

38. Digital Free Press #2

39. Discussion begins

40. Anarchist's Guide to the BBS

41. Discussion begins

42. Discussion begins

Permission granted to publish on www.infowar.com

[email protected]