[Air-L] CFP: Expanding the frontiers of hacking

Alex Halavais alex at halavais.net
Tue Jun 14 09:22:35 PDT 2011


I tend to agree with Nat, but I'll note that arguments over what
hacking "is" seem to me to be as useful as whether or not Apple makes
great computers.

There has been a battle over the term itself for decades. Looking at
how that term has been deployed as an identity marker is more
interesting, but it's surprising to see it played out here. We all
know better than to accept that "hacker" is a stable term.

There can be little doubt that--for a number of reasons--the word
"cracker" has never caught on. So "hacker" means different things to
different communities. I suspect that most of the people on this list,
having been involved in social computing for some time, are more
likely to associate the term with the definition in the call and
perhaps the longer history that Nat relates. Get a group of
journalists in a room, and they will likely draw the connotations
David has made, to groups that trespass (though this is a loaded term)
on computing systems.

Not only is Anonymous a difficult case to classify as a "hacker" group
of either stripe (the borders between hit web site, virtual sit-in,
and DDoS is hardly clear), that's truer of hacking than many would
like to admit. Yes, most of the cases like those David lists are acts
perpetrated by organized crime, national governments, organized crime
in the service of governments, governments in the service of
corporations, etc. But they are often perpetrated by individuals who
might otherwise consider themselves "hackers" and might in some
contexts be considered as such by others.

It seems the main question is not the types of skills one has--anyone
skilled at computing should be able to discover and exploit
vulnerabilities in a security system, for example--but how they are
employed. So, if you look at the introduction to the MIT lock-picking
manual, or go to a Makers Faire session on picking locks, the ethics
surrounding such breaches are at the fore. Asking journalists to draw
a distinction between "white hat," "black hat," and "gray hat" hacking
seems even more doomed then getting them to use the term "cracking."

I don't think we can fault the call for using "hacking" as a term of
art frequently used within academic communities studying social and
technological systems. Nor do I think there is anything wrong with
exploring "hacking" as the term is used in other discourse
communities. But I think arguments over how the word *should* be used
are both silly and ultimately irrelevant.

Best,

Alex


On Tue, Jun 14, 2011 at 11:44 AM, Nathaniel Poor <natpoor at gmail.com> wrote:
> David that view can continue to be promulgated because it's correct.
>
> You see no real hacking from anonymous because they are not a hacker group, although from time to time some of them are involved in hacking. When you say "anonymous and other groups", what other groups do you have in mind? (If you want to learn more about anonymous, Biella Coleman does work on them, she's at NYU. She even has a class on hacker culture and politics. http://steinhardt.nyu.edu/faculty_bios/view/Gabriella_Coleman )
>
> The items you list in the bullet points are not hacking, they are either organized crime or government espionage.
>
> The problem you are running into is one that hackers themselves have run into, that is, of different definitions of the word hack/hacker. Mostly in the mainstream media (news, movies, television), it has a negative connotation (good for news, and good for dramatic tension in movies). There have been suggestions I've seen to call the criminal side of hacking either "cracking" or "black hat hacking", while the legal side that most people do but yet that few hear about "white hat hacking" (since if it's legal it certain isn't of much interest to the news media and is rather ho-hum for movies).
>
> Hacking has a very old history (that the CFP does not touch on enough to my liking). Early wireless telegraphy, young men with their crystal radio sets transmitting over the ether, they were hackers (since they had to build their sets and keep them tuned). Early hot rodding was car hacking, and to this day car modding has its own cultures, meetups, and magazines (and these days web sites).
>
> No hackers have been identified in the cases you mention since it can be very hard, if not impossible, to identify perpetrators. Not every non-computer crime is solved either. And when it's done with the backing of the Chinese or American governments, that simply won't happen.
>
> The examples at the end of your email aren't hackers in the sense of the CFP, they are organized crime syndicates who use computers. Organized crime goes where the money is. There's money to be had over the internet, in a variety of ways (bank accounts, personal info, botnet creation), so of course that's where they are now. It would be quite surprising if they weren't.
>
> If you'd like to learn more about real hackers and hackerspaces, there is, for instance, one a few blocks from where I live: http://www.nycresistor.com/
> I've been there, and met the people there for an event they had around the Debian conference. As you can see they have a variety of classes for the public, so that people can learn more about the computers they own and what they can do with them. Part of the ethic, in my understanding, is that, "this computer that I bought is mine, I'd like to play with it and see what it can do, beyond what it does currently, beyond what the manufacturer says I can do with it."
>
> There are lots of examples of hacking all around you on the internet. Most of the software that runs the internet is open source, and, given the methods of open source programming, it's all a hack, not in the sense of a kludge (somewhat badly hacked together) but in the ethos of its manufacture. (Again we see how the word "hack" has multiple and conflicting meanings.) Linux is a total hack, which has been well-detailed elsewhere so I won't go over it here (but I'd suggest Torvalds's book, "Just For Fun"). Basically, Torvalds wanted to do something else with his computer, so, he did it. He hacked his computer. Now Linux is so mainstream that even IBM ran a advertising campaign that consisted of spray-painting the Linux penguin on the sidewalks of several cities (this was a few years ago, the cities were generally not amused). Because Linux is so mainstream (relatively speaking), those not overly familiar with it probably don't consider it a hack, but it is.
>
> Ten years ago when I took apart two Intel boxes, bought some new parts, and built a new computer (I went AMD if anyone is curious) and then installed Linux on it (Red Hat or Slackware, I don't recall), that was hacking (installing back then was terrible!). When someone took a version of Linux and stripped it down to boot off of a floppy (which I used to make a router), that was hacking.
>
> Even the titanium screw I have in my jaw is essentially a hack, a biological one. (It's part of a crown, but that's a long story that involves the summer of 1972 and a springer spaniel.)
>
> Hacking is all around us. Always has been, always will be, even if the mainstream news uses the term for the more negative side of its meaning. Hacking (not the organized crime side of it) is a form of play, which is why it is a part of who we are -- see Brown's "Play", an excellent book -- he's an MD who is a play researcher -- I liked it so much I'd advise everyone read it: http://www.amazon.com/Play-Shapes-Brain-Imagination-Invigorates/dp/B002KAORUM/
> Brown differentiates nicely between rough play (in children) and violence, which I think is a decent parallel here between what I call hacking (play) and organized crime (violence).
>
> Hopefully now you have an idea that there is this whole other component to the word "hack" that the CFP is, quite correctly, talking about, but one that is almost never covered in the news (it does get touched on from time to time in movies and on TV, though).
>
> -Nat.
>
>
> On Jun 14, 2011, at 9:54 AM, David Golumbia wrote:
>
>> On Tue, Jun 14, 2011 at 4:24 AM, Mathieu ONeil <mathieu.oneil at anu.edu.au>wrote:
>>
>>>
>>> During the past two decades, hacking has chiefly been associated with
>>> software development. This is now changing as new walks of life are being
>>> explored with a hacker mindset, thus bringing back to memory the origin of
>>> hacking in hardware development. Now as then, the hacker is characterised by
>>> an active approach to technology, undaunted by hierarchies and established
>>> knowledge, and finally a commitment to sharing information freely.
>>
>>
>>
>> i wish I had any understanding of why this view can continue to be
>> promulgated.
>>
>> i see so little of it from groups like anonymous and so on. to the contrary,
>> contemporary hacking is characterised by:
>>
>>   - attempting to steal every bit of information and financial property i
>>   and you and every other person on this list has earned or owns by whatever
>>   means;
>>   - doing so without any clear political program or input from political
>>   thinkers, but typically because there is something they don't like about the
>>   target, and/or the target has something of value they want to steal;
>>   - being absolutely antidemocratic and authoritarian with regard to their
>>   decisions and actions;
>>   - keeping whatever profits they make solely for themselves;
>>   - in many cases, working on behalf of large multi-national corporations
>>   and governments. the most famous recent example is Stuxnet.
>>
>>
>> where is the special issue on that topic? why do we keep having them, and
>> endless list and conference discussions, on this one, which does not map
>> onto the reality i know at all?
>>
>> it's not like this was in the news as recently as yesterday or today or
>> anything...
>>
>> Hardly a month has gone by this year without a multinational company such as
>> Google Inc., EMC Corp. or Sony Corp. disclosing it’s been hacked by cyber
>> intruders who infiltrated networks or stole customer information. Yet no
>> hacker has been publicly identified, charged or arrested.
>>
>> If past enforcement efforts are an indication, most of the perpetrators will
>> never be prosecuted or punished.
>>
>> “I don’t have a high level of confidence that they will be brought to
>> justice,” said Peter George, chief executive of Fidelis Security Systems
>> Inc., a Bethesda, Md.-based data protection consulting firm whose clients
>> include International Business Machines Corp., the U.S. Army and the
>> Department of Commerce. “The government is doing what they can, but they
>> need to do a lot more.”
>>
>> In the U.S., the FBI, the Secret Service and other law enforcement agencies
>> are confronting what amounts to a massive crime wave that’s highly organized
>> and hard to combat with traditional methods. The hacker organizations are
>> well-funded and global, eluding arrest except in the rarest of cases.
>>
>> Attacks are coming from organized crime groups based in Eastern Europe and
>> Russia, from industrial spies in China and from groups such as LulzSec,
>> whose members appear to reside mostly in the U.S. and Europe and seem more
>> interested in publicity than in making a profit from their crimes. (By
>> Michael Riley, Greg Farrell and Ann Woolner, Bloomberg News, "Cyber
>> intruders confound: Few hackers are brought to
>> justice<http://www.telegram.com/article/20110612/NEWS/106129977/-1/NEWS05>,"
>> Jun 12 2011)
>>
>>
>>
>>
>> --
>> David Golumbia
>> dgolumbia at gmail.com
>> _______________________________________________
>> The Air-L at listserv.aoir.org mailing list
>> is provided by the Association of Internet Researchers http://aoir.org
>> Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
>>
>> Join the Association of Internet Researchers:
>> http://www.aoir.org/
>
> -------------------------------
> Nathaniel Poor, Ph.D.
> http://natpoor.blogspot.com/
>
> _______________________________________________
> The Air-L at listserv.aoir.org mailing list
> is provided by the Association of Internet Researchers http://aoir.org
> Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
>
> Join the Association of Internet Researchers:
> http://www.aoir.org/
>



-- 
//
// This email is
// [x] assumed public and may be blogged / forwarded.
// [ ] assumed to be private, please ask before redistributing.
//
// Alexander C. Halavais, ciberflâneur
// http://alex.halavais.net
//


More information about the Air-L mailing list