Add to My Yahoo!
Thursday February 10 9:08 PM ET
In Hacker World, Disdain for Web 'Vandals'
By Dick Satran
SAN FRANCISCO (Reuters) - Even in the computer hacker community,
the group that carried
out the raids on major Web sites this week was seen as beneath
contempt.
On bulletin boards populated by self-proclaimed hackers, the attackers
are derided as ``script
kiddies'' or ``packet monkeys,'' the lowest form of hacker. Indeed,
one of the most frequent
comments was that ``They're not even hackers.''
The hacking culture is a complex weave of technically-skilled
and alienated individuals that has
grown up around Internet chat rooms and bulletin boards. Many
work in the tech industry, but
sizable numbers are precocious young people who learn the trade
from more seasoned hackers.
Their heroes are smart, alienated types, like themselves. Ehud
``the Analyser'' Tenenbaum, who
broke into Department of Defense computers, is one, and Kevin
Mitnick, who was just released
from prison after spending time for a series of high-profile
break-ins, is another.
The famed hackers gained esteem for their ability to penetrate
hard-to-crack computer centers,
by showing flashes of brilliance in exposing an unnoticed vulnerability
or by making a clear
anti-authority statement.
In the hacker culture, the new wave of assaults was derided as
kids ``playing with toys,''
referring to software readily available over the Internet that
lets users launch the so-called
distributed denial of service attacks that hit this week.
Hackers like to think of themselves as alienated geniuses who
can dazzle others with their
computer skills, which sometimes meant breaking into a site and
letting the target known they'd
been broached in a game of ``gotcha.''
Their roots lie in the culture of computer time-sharing and collaborative
software writing, in
which pointing out a bug is how problems get solved. Breaking
into a site followed that
tradition, carrying it to a new level.
``Hackers solve problems and build things,'' says one pro-hacker
site, ``and they believe in
freedom and voluntary mutual help.''
But computer experts say there is an emerging, and less visible
school of self-absorbed,
thrill-seeking hackers who don't follow the hacker ethic, looking
only to do as much damage as
they can, even if their is no technical feat to it at all.
``These are point-and-click attacks,'' said Mike Higgins of the
computer security concern
Para-Protect Inc. ``There are tutorials and tools on the Internet
that are easy enough for just
about anybody to use. You don't have to be a rocket scientist
to do this anymore.''
At Hacker News Network (http://www.hackernews.com) a hacker information
site, the editor of
the service, known as Space Rogue, said, ``There really is no
skill involved with denial of
service attacks. When you use the term hack or hacker, you are
talking about something unique
or innovative.''
But if the series of attacks that brought down Yahoo! Inc.(NasdaqNM:YHOO
- news) ,
Amazon.Com Inc. (NasdaqNM:AMZN - news) has failed to impress
the traditional hacking
community with its technical wizardry, some security experts
were amazed by the high level of
coordination involved in the attack.
``To bring down a site like Yahoo, with all of its available bandwidth,
required tremendous
coordination,'' said Aharon Friedman, a Tampa, Fla.-based computer
consultant. ``One hacker
couldn't have done it. I suspect it was an adult with an agenda,
and a group of young people
working in concert.''
Visible e-commerce sites were their target, possibly suggesting
an anti-business or anti-Internet
commercialization bias, said Friedman.
But the fact they were big and visible sites was reason enough
to launch an attack because
``bringing down a big name site like CNN could make them feel
powerful and smart,'' he
added.
In the broader culture or the business world, ``techies'' lose
their social acceptability when they
become ``too geeky,'' and hacking is one way to regain it, said
Johnnie Long, senior network
computer engineer for Computer Sciences Corp. (NYSE:CSC - news).
They are often kept from
the frontline business operations, adding to the alienation.
''This is a way to exert power in the
community,'' said Long, ''when a hacker can attack a multi-billion
dollar site and take it off line,
that's power.''
As long as there are vulnerabilities in computer systems, Long
said, somebody on the hacking
food chain -- which runs from the casual experimenter to the
dedicated professional criminal --
will try to exploit them.
Space Rogue, who has used his online handle in Congressional hearings
and professionally as an
anti-hacking consultant, finds the trend toward targeting e-commerce
sites distasteful. ``Just
taking down a Web site doesn't mean anything,'' he said. He doesn't
give his real name.
Indeed, one of the biggest publications of the hacking community,
2600 Magazine
(http://www.2600.com) posted a note on its front of its Web site,
saying ``Hackers to Blame.
Doubtful.'' It argued that, instead, it's an excuse by the government
to crack down harder on the
``legitimate'' hacking community with new restrictions and security
measures.
That fear echoed through sites like Linux open source site Slashdot
(http://www.slashdot.org)
where numerous posters saw it as an attempt by the government
to expand its surveillance and
control.
Or as the hacker bible 2600 put it, ``Whoever is responsible is
either completely clueless or
knows exactly what they are doing. It's the latter that should
concern hackers everywhere.''
Questions or Comments
Copyright © 2000 Reuters Limited. All rights reserved.
Republication or redistribution of Reuters content is expressly
prohibited without the prior written consent of Reuters.
Reuters shall not be liable for any errors or delays
in the content, or for any actions taken in reliance thereon.