=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= = F.U.C.K. - Fucked Up College Kids - Born Jan. 24th, 1993 - F.U.C.K. = =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= STRANGERS IN A STRANGE LAND --------------------------- There are over ten thousand ways to acquire root access on a server. I know less than five hundred. I need only one. Within the realm of the United States corporate, educational and government agencies, the above words are an anathema. In a way, I understand why; and that is why I detest their collective reaction all the more. Rather than face up to their ignorance, corporate America, our "institutions of higher learning" and our government prefer instead to idly malign and otherwise regard as maladjusted anyone who can readily breach their illusory security. Rather than dwell on the surfeit of media accounts in which the authentic hacking community is inaccurately portrayed, I intend to devote this article to a study of how and why we -- the hacking community -- are so often the target of fear and loathing. Since I have the fortune of working in a relatively high technology extension of the military-industrial complex, I am often treated to a view from both sides of the battle lines. Yes, battle lines. Make no mistake about it: we are at war. In wartime, one of the first things that must be accomplished by any opposing faction is the relegation of the enemy to sub-human status. In this respect alone, it is more than apparent that the computer underground is indeed enmeshed in a war. On a daily basis, we are reminded of our status. We have been labeled "digital terrorists," "electronic corporate raiders," and, of course, "fucked up college kids." Even the simple term "hacker" has become synonymous with malevolent intent. These terms and connotations are not merely antagonistic wordplay. Their very design serves to prevent the government, university and business worlds from comprehending our humanity. And just as the governors of the South in the 1960s saw no reason to listen to "no upstart nigger," so the leaders of the largest sectors of American existence see no reason to listen to any "punk hackers." Of course, once the enemy has been stripped of its humanity, a wholesale erosion of that group's liberties inevitably follows. We all know how Nazi Germany willingly, and by writ of law, denied "der Juden" of their right to own property, engage in commerce, and travel freely. Even more chilling is the United States' history of doing precisely the same to Japanese-Americans for the duration of World War II. In both cases, these inhumane measures were taken not only after a period of fervent propaganda, but in the name of National Security. And here we are in 1998. We have witnessed a crackdown on the hacking community precipitated not by "digital Pearl Harbor[1]," but by ignorance of the American government and a simple error in a piece of AT&T code[2]. Kevin Mitnick still awaits trial three years after his arrest on charges of "possession of unauthorized access devices, computer fraud, causing damage to computers, wire fraud, and interception of wire or electronic communications[3]," denied even so much as the use of a stand-alone laptop by which he can coordinate his own defense. Attorney General Janet Reno seeks $64 million dollars to start a "cybercrime center" under the jurisdiction of the FBI[4]. None of this should come as a surprise. Even in ancient times, the stranger was always perceived as greatest threat to any community[5]. In this sense, we are perceived as particularly threatening strangers since we have demonstrated time and again that we can better navigate the very territory that the agencies of government, industry and education constructed for their own use. The above is not an idle boast, nor is it made with malice or vanity. The fact of the matter is that we, a relatively disorganized collective of outsiders, can and have mastered a highly complex network of systems designed, created and implemented by some of the greatest technical minds this century has seen. How could that *not* be unnerving to the institutions that consider themselves to be the be-all and end-all of technological innovation? So where do we go from here? Surely it would seem that America's government, universities and industry must understand that their notions of computer security are sorely lacking. Even so, we cannot expect them to embrace our efforts. We are in their disfavor entirely because we, in no uncertain or delicate terms, mercilessly expose their weaknesses. As a result, they respond in kind by legislating against the very tools on which we rely to safeguard our way of life. In the arena of cryptography alone, laws have been written on the presumption that every person is guilty until proven innocent. "After all," the government reasons, "why would someone need unbreakable cryptography unless they had something to hide?" Judging from history, this conflict could continue in perpetuity: a constant struggle with no resolution, and no decisive victory for either side. Yet there is a precedent on which an armistice could be reached. Through no accident, that precedent is what brought us all together in the first place. The precedent is the Internet. Those who have been around long enough will remember that the Internet was not borne of mutual admiration, but mutual distrust. (Let us remember that the 1960s were not a time when universities were particularly fond of the military and the military was not particularly willing to open up to anyone.) Even so, all participants agreed to set aside their long-standing suspicions for the moment in order to pursue a higher goal. In doing so, we -- the hacker community -- have been afforded the opportunity to learn more than we would have been otherwise able. We cannot ignore this basic fact. This is not to say that the hacker community should be obliged to extend the olive branch. We have done nothing more than followed our respective curiosities as the human animal is obligated by its own intellect. We were presented with a new technology and, just as we began to explore it, were shackled with nonsensical arbitrary rules which were impossible to follow in the face of a compelling mystery. And in our disobedience, we have literally been the embodiment of the convictions that brought forth the Declaration of Independence over 220 years ago. Now more than ever, it is obvious that the United States' government, industry and universities could richly benefit from an alliance with us. An open, nonjudgmental dialogue via the Internet would be a most fitting start to such an alliance. Relaxation and eventual eradication of the stranglehold that the government presently has on cryptography (along with the abandonment of key escrow and cryptography backdoors) would certainly be welcomed as a sign of good faith as well. From there, the possibilities could well be endless. Now is the time for the private and public sectors of the United States to look beyond their own shortcomings; specifically, their arrogance about their own idea of security and their misgivings about those who can so easily defeat it. Ultimately, they must understand that this approach is the only one by which truly succeed in improving their security and our technological way of life. Yet if they continue cling to their outdated notions of security through obscurity; if they continue to criminalize the same unorthodox approaches that historically made the United States a global superpower; if they unthinkingly continue on their folly that they should be the de facto authority on technology, I need only remind them of this: There are over ten thousand ways to acquire root access on a server. I know less than five hundred. I need only one. Cancer Omega --------------------------------------------------------------------- NOTES: [1] This phrase, to the best of my knowledge, was originally coined by Winn Schwartau in his book, "Information Warfare." [2] The January 1990 failure of AT&T long distance systems was originally believed by many to be the product of an attack carried out by malicious hackers. [3] Information courtesy of http://www.kevinmitnick.com. [4] The Nando Times, February 27, 1998 (http://www.nando.net). [5] Schmookler, Andrew B., "The Parable of the Tribes: The Problem of Power in Social Evolution," Berkeley, 1984. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= = Questions, Comments, Bitches, Ideas, Rants, Death Threats, Submissions = = Mail: jericho@dimensional.com (Mail is welcomed) = =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= = To receive new issues through mail, mail jericho@dimensional.com with = = "subscribe fuck". If you do not have FTP access and would like back = = issues, send a list of any missing issues and they will be mailed. = =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= = AnonFTP FTP.DIMENSIONAL.COM/users/jericho/FUCK = = FTP.SEKURITY.ORG/pub/zines/fucked.up.college.kids = = FTP.DTO.NET /pub/zines/fuck = = FTP.ETEXT.ORG/pub/Zines/FUCK = = WWW http://www.dimensional.com/~jericho = = http://www.reps.net/~krypt/fuck.html = = http://www.simunye.com/fuck = = http://www.dis.org/se7en/fuck = =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= = (c) Copyright. All files copyright by the original author. = =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=