[Air-L] CFP: Expanding the frontiers of hacking

Peter Timusk ptimusk at sympatico.ca
Tue Jun 14 09:35:10 PDT 2011 

I think the question that needs to be asked is one of harm. Is the hacker or
computer break-in harmful. UK law and some US case law shows this
distinction. Breaking in under UK law I believe is a summary offence meaning
non felony in US terms. Whereas break-in with  a further criminal offence
such as theft is an indictable offence meaning felony.


The infamous hackers as anti-hero cases tend to show no real harm in my
brief review of case law in Canada and the US. 

Then the question becomes what of harming capitalist incomes v harming our
ideas of privacy.

Also a bigger question who is responsible to stop hacking, the individual or
the state?


Peter Timusk
at571 at ncf.ca
ptimusk at sympatico.ca
web: www.crystalcomputing.net
blogs www.cyborgcitizen.org

-----Original Message-----
From: air-l-bounces at listserv.aoir.org
[mailto:air-l-bounces at listserv.aoir.org] On Behalf Of Nathaniel Poor
Sent: June-14-11 11:44 AM
To: David Golumbia
Cc: air-l at aoir.org
Subject: Re: [Air-L] CFP: Expanding the frontiers of hacking

David that view can continue to be promulgated because it's correct.

You see no real hacking from anonymous because they are not a hacker group,
although from time to time some of them are involved in hacking. When you
say "anonymous and other groups", what other groups do you have in mind? (If
you want to learn more about anonymous, Biella Coleman does work on them,
she's at NYU. She even has a class on hacker culture and politics.
http://steinhardt.nyu.edu/faculty_bios/view/Gabriella_Coleman )

The items you list in the bullet points are not hacking, they are either
organized crime or government espionage.

The problem you are running into is one that hackers themselves have run
into, that is, of different definitions of the word hack/hacker. Mostly in
the mainstream media (news, movies, television), it has a negative
connotation (good for news, and good for dramatic tension in movies). There
have been suggestions I've seen to call the criminal side of hacking either
"cracking" or "black hat hacking", while the legal side that most people do
but yet that few hear about "white hat hacking" (since if it's legal it
certain isn't of much interest to the news media and is rather ho-hum for
movies). 

Hacking has a very old history (that the CFP does not touch on enough to my
liking). Early wireless telegraphy, young men with their crystal radio sets
transmitting over the ether, they were hackers (since they had to build
their sets and keep them tuned). Early hot rodding was car hacking, and to
this day car modding has its own cultures, meetups, and magazines (and these
days web sites). 

No hackers have been identified in the cases you mention since it can be
very hard, if not impossible, to identify perpetrators. Not every
non-computer crime is solved either. And when it's done with the backing of
the Chinese or American governments, that simply won't happen.

The examples at the end of your email aren't hackers in the sense of the
CFP, they are organized crime syndicates who use computers. Organized crime
goes where the money is. There's money to be had over the internet, in a
variety of ways (bank accounts, personal info, botnet creation), so of
course that's where they are now. It would be quite surprising if they
weren't. 

If you'd like to learn more about real hackers and hackerspaces, there is,
for instance, one a few blocks from where I live:
http://www.nycresistor.com/ I've been there, and met the people there for an
event they had around the Debian conference. As you can see they have a
variety of classes for the public, so that people can learn more about the
computers they own and what they can do with them. Part of the ethic, in my
understanding, is that, "this computer that I bought is mine, I'd like to
play with it and see what it can do, beyond what it does currently, beyond
what the manufacturer says I can do with it."

There are lots of examples of hacking all around you on the internet. Most
of the software that runs the internet is open source, and, given the
methods of open source programming, it's all a hack, not in the sense of a
kludge (somewhat badly hacked together) but in the ethos of its manufacture.
(Again we see how the word "hack" has multiple and conflicting meanings.)
Linux is a total hack, which has been well-detailed elsewhere so I won't go
over it here (but I'd suggest Torvalds's book, "Just For Fun"). Basically,
Torvalds wanted to do something else with his computer, so, he did it. He
hacked his computer. Now Linux is so mainstream that even IBM ran a
advertising campaign that consisted of spray-painting the Linux penguin on
the sidewalks of several cities (this was a few years ago, the cities were
generally not amused). Because Linux is so mainstream (relatively speaking),
those not overly familiar with it probably don't consider it a hack, but it
is. 

Ten years ago when I took apart two Intel boxes, bought some new parts, and
built a new computer (I went AMD if anyone is curious) and then installed
Linux on it (Red Hat or Slackware, I don't recall), that was hacking
(installing back then was terrible!). When someone took a version of Linux
and stripped it down to boot off of a floppy (which I used to make a
router), that was hacking. 

Even the titanium screw I have in my jaw is essentially a hack, a biological
one. (It's part of a crown, but that's a long story that involves the summer
of 1972 and a springer spaniel.)

Hacking is all around us. Always has been, always will be, even if the
mainstream news uses the term for the more negative side of its meaning.
Hacking (not the organized crime side of it) is a form of play, which is why
it is a part of who we are -- see Brown's "Play", an excellent book -- he's
an MD who is a play researcher -- I liked it so much I'd advise everyone
read it:
http://www.amazon.com/Play-Shapes-Brain-Imagination-Invigorates/dp/B002KAORU
M/
Brown differentiates nicely between rough play (in children) and violence,
which I think is a decent parallel here between what I call hacking (play)
and organized crime (violence). 

Hopefully now you have an idea that there is this whole other component to
the word "hack" that the CFP is, quite correctly, talking about, but one
that is almost never covered in the news (it does get touched on from time
to time in movies and on TV, though).

-Nat.


On Jun 14, 2011, at 9:54 AM, David Golumbia wrote:

> On Tue, Jun 14, 2011 at 4:24 AM, Mathieu ONeil
<mathieu.oneil at anu.edu.au>wrote:
> 
>> 
>> During the past two decades, hacking has chiefly been associated with 
>> software development. This is now changing as new walks of life are 
>> being explored with a hacker mindset, thus bringing back to memory 
>> the origin of hacking in hardware development. Now as then, the 
>> hacker is characterised by an active approach to technology, 
>> undaunted by hierarchies and established knowledge, and finally a
commitment to sharing information freely.
> 
> 
> 
> i wish I had any understanding of why this view can continue to be 
> promulgated.
> 
> i see so little of it from groups like anonymous and so on. to the 
> contrary, contemporary hacking is characterised by:
> 
>   - attempting to steal every bit of information and financial property i
>   and you and every other person on this list has earned or owns by
whatever
>   means;
>   - doing so without any clear political program or input from political
>   thinkers, but typically because there is something they don't like about
the
>   target, and/or the target has something of value they want to steal;
>   - being absolutely antidemocratic and authoritarian with regard to their
>   decisions and actions;
>   - keeping whatever profits they make solely for themselves;
>   - in many cases, working on behalf of large multi-national corporations
>   and governments. the most famous recent example is Stuxnet.
> 
> 
> where is the special issue on that topic? why do we keep having them, 
> and endless list and conference discussions, on this one, which does 
> not map onto the reality i know at all?
> 
> it's not like this was in the news as recently as yesterday or today 
> or anything...
> 
> Hardly a month has gone by this year without a multinational company 
> such as Google Inc., EMC Corp. or Sony Corp. disclosing it's been 
> hacked by cyber intruders who infiltrated networks or stole customer 
> information. Yet no hacker has been publicly identified, charged or
arrested.
> 
> If past enforcement efforts are an indication, most of the 
> perpetrators will never be prosecuted or punished.
> 
> "I don't have a high level of confidence that they will be brought to 
> justice," said Peter George, chief executive of Fidelis Security 
> Systems Inc., a Bethesda, Md.-based data protection consulting firm 
> whose clients include International Business Machines Corp., the U.S. 
> Army and the Department of Commerce. "The government is doing what 
> they can, but they need to do a lot more."
> 
> In the U.S., the FBI, the Secret Service and other law enforcement 
> agencies are confronting what amounts to a massive crime wave that's 
> highly organized and hard to combat with traditional methods. The 
> hacker organizations are well-funded and global, eluding arrest except in
the rarest of cases.
> 
> Attacks are coming from organized crime groups based in Eastern Europe 
> and Russia, from industrial spies in China and from groups such as 
> LulzSec, whose members appear to reside mostly in the U.S. and Europe 
> and seem more interested in publicity than in making a profit from 
> their crimes. (By Michael Riley, Greg Farrell and Ann Woolner, 
> Bloomberg News, "Cyber intruders confound: Few hackers are brought to 
>
justice<http://www.telegram.com/article/20110612/NEWS/106129977/-1/NEWS05>,"
> Jun 12 2011)
> 
> 
> 
> 
> --
> David Golumbia
> dgolumbia at gmail.com
> _______________________________________________
> The Air-L at listserv.aoir.org mailing list is provided by the 
> Association of Internet Researchers http://aoir.org Subscribe, change 
> options or unsubscribe at: 
> http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
> 
> Join the Association of Internet Researchers:
> http://www.aoir.org/

-------------------------------
Nathaniel Poor, Ph.D.
http://natpoor.blogspot.com/

_______________________________________________
The Air-L at listserv.aoir.org mailing list is provided by the Association of
Internet Researchers http://aoir.org Subscribe, change options or
unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org

Join the Association of Internet Researchers:
http://www.aoir.org/

More information about the Air-L mailing list