SD 2600 People

skalore
- Founder of San Diego 2600, UNIX administration, coding

h1kari
- Co-founder of San Diego 2600, Chairman of ToorCon


Pixel8 - Graphics / Founder of PixelTwisters.

KiWe - WarDriving wheelman and group cheerleader

nfiltr8 - Dachb0den Labs Engineer

ComLogik - Corporate Diagnostics, Telephony & Network Auditing

Fortezza - Phreaking and Trashing



[Main Page] [Downloads] [Photos] [Disclamer] [Directions]

San Diego 2600
August 31, 1999

Local hackers "try to be ethical and moral"
By James Hebert
STAFF WRITER

Consider the locksmith.

He's an expert in security -- how to bolster it, how to thwart it.

In his knowledge of locks and other safety devices, he shares some common ground with a very different kind of security expert: the burglar.

Few, of course, would ever confuse the two. Yet when it comes to computer security, there are some people who believe they've suffered precisely that kind of misunderstanding.

They call themselves hackers, although not in the destructive sense that the word has come to convey.

They may possess the same skills as the computer criminals who break into networks in order to steal and vandalize.

But these hackers use their skills, they say, for very different purposes: To expand their knowledge, to test security systems (sometimes as paid consultants), or sometimes simply for the enjoyment of matching wits against system administrators.

At the vanguard of these "white hat" hackers is 2600, a quarterly magazine that has spawned more than 80 local chapters of socially minded hackers in the United States and beyond. Its Web site is http://www.2600.com.

San Diego 2600, as the local chapter is called, was founded a little over a year ago, and has a Web site as well: http://www.sd2600.net

The name "2600," according to a group leader, refers to the sound frequency that phone hackers once used to hack into phone lines.

The chapter's meetings -- held, as are all 2600 meetings worldwide, at 5 p.m. local time on the first Friday of each month -- now typically attract several dozen people.

They are a mostly young but diverse assortment of computer aces who share, they say, a common belief: That it's possible to be a hacker without also being a menace to society.

"There's so much more you can do with computers, without having to do criminal activities," says the local group's founder, who goes by the computer pseudonym Skalore (his real name is Ben).

"We try to be ethical and moral."

Although Skalore, like some other members of the group, prefers not to divulge his full name or other personal information, he hardly seems to fit the popular image of the phantom hacker.

He works, he says, as a webmaster for a plastics company. He signs his e-mails with a quote from the Declaration of Independence: "We hold these truths to be self-evident, that all men are created equal."

On his head is a baseball cap with the legend "SD2600". ("It's good advertising," he notes).

Advertising -- or at least getting the word out about their idea of hacking -- is one of the goals of the group, whose meetings are held at the EspressoNet cyber-cafe in the Golden Triangle area, and are open to anyone. (There will be no meeting in September because of Toorcon, a convention the group is hosting this weekend.)

"We want people to be set straight," says fellow member H1kari (real name: David Hulton), who helped Skalore found San Diego 2600.

Adds Skalore: "That's the purpose of it, really."

Friends and phreaks

But beyond the public-awareness angle, the San Diego 2600 meeting is also a social gathering, a place for members to compare notes or show off gadgets.

As one midsummer meeting begins, a knot of teen-agers is huddled over a couple of laptop computers inside the cafe.

On the patio outside is AT (who also goes by the moniker Prole), a recent UCSD grad who works in computer security for a start-up company. He is talking with a couple of friends about Defcon, a big annual hackers' convention that took place in Las Vegas a month ago. july 31 - aug. 2

One of them, Brendan, is a UCSD math major who sports a pierced tongue, heavy black boots and a T-shirt bearing the logo of the industrial-rock band Skinny Puppy. Another, Chris, works for Cox Communications, and arrives straight from his job with a plastic ID badge still pinned to his shirt.

Meanwhile, drifting among the various groups are Kevin McDonald and Ciaran Foley, whose business attire marks them as something other than the usual attendees.

Their company, the X'It Group, deals with matters of computer security, and they're here looking to hire a few whiz kids to test their clients' security measures.

Essentially, they want to pay these young experts to hack into networks.

"This stuff doesn't come on resumes," notes Foley. "It's trial by fire."

SD2600 co-founders Skalore and H1kari marvel over all the subgroups that have evolved at the meeting over the past couple of years.

They rattle off a list: the programmers, the gamers, the college students, the security pros, and a group of neophytes that the two call "the kids just starting out."

Even the youngest meeting attendees, though, seem to be hyper-aware of the public perception of hackers, and eager to insist that they're not of that ilk.
Much of their concern of late has centered around the case of Kevin Mitnick, the hacker who was sentenced earlier this month in L.A. to almost four years in prison and ordered to pay $4,125 in restitution, after pleading guilty last March to five felony counts related to computer break-ins at high-tech companies. The break-ins were alleged to have caused millions of dollars in damage.

Mitnick, who will be released next year because of time already served, was arrested after a 1995 FBI manhunt -- assisted by Tsutomu Shimomura, a computer security expert, who was then working at the San Diego Supercomputer Center at UCSD.

Shimomura's subsequent book about the case, "Takedown," written with New York Times reporter John Markoff, is being made into a movie by Miramax Films, though no release date has been set.

2600 magazine has championed Mitnick's cause since his arrest, saying the government's claims about the damage he caused were inflated, and complaining that he was being held unconstitutionally without a trial.

The magazine also mounted protests at Miramax's offices last year after its editor, Emmanuel Goldstein, saw an early copy of the "Takedown" script that he believed defamed Mitnick.

Those issues have filtered down to local 2600 members like Band1t, who likes to call himself a computer expert rather than a hacker, and Fortezza, whose expertise is in phreaking, or hacking into phone networks.

While both of these teen-agers believe, as Fortezza puts it, that Mitnick "is in jail because he did something he shouldn't have done," the hacking menace he presented was overblown.

"He's in jail because of the stuff he did," says Band1t. "But they're exaggerating the cost."

Thorny issues

As much as stresses morality and responsibility, though, the issues at stake are not always quite so simple as "good hackers vs. bad hackers."

In the magazine (and in 2600-related newsgroups on the Net), it's typical for writers to give tips on how to break into phone systems or computer networks, although these generally include disclaimers that the tips are for informational use only, and that the magazine does not condone criminal activity.

And it's undeniable that similar information is sometimes used for destructive purposes, from simple vandalism to flat-out fraud.

FBI agent Stew Roberts, a supervisor with the agency's computer-crimes squad, says that even hackers with the most harmless intentions often cause damage by accident.

"When a company has been compromised," Roberts says, "they don't know whether (the break-in) was done by some kid or by some well-organized enterprise."

Such companies end up spending additional money trying to assess damage and determine whether any information has been stolen.

Another FBI computer expert, who asked not to be identified, said that among the most constructive of the "white hat" hackers are those who channel their skills into creating computer games.

"Unfortunately, that's usually after we catch them" engaging in more harmful activities, he said.

Still, says Roberts, the agency hardly considers San Diego 2600 to be Public Enemy No. 1.

"I don't think we view them as some nefarious group that we're the adversary of," he says.

"Most of them are in school, so it's a hobby for them now. For a lot of them, it'll be a living someday. And most of them will probably stay legit."

To the members of San Diego 2600, it's only a small percentage of hackers that cause all the image problems.

"Terrorism is part of their psychology," says H1kari. "If they didn't have computers, they'd be doing it somewhere else."

The bad rap also happens, says Skalore, "because people don't understand the field. They don't see the people behind the scenes, working to fix security problems."

And equally to blame, say some members, are false images perpetuated in the media and popular entertainment.

Speaking of the "Takedown" movie, Band1t says that "it's just a way to make money. It's just media stereotypes."

In real life, says H1kari, hackers defy such easy categorization.

"We don't like to use labels," he says.

Adds Skalore: "We're just people."

 

Essential WebLinks

News Sites
- @Stake
- Attrition
- The Intelligence Network
- CNN
- San Diego Union Tribune
- Nightfall Security Group
- Slashdot

Technology Sites
- Freedom Software - Protect Your Privacy Now!
- FreeBSD
- Slackware
- San Diego Supercomputer Center
- Freshmeat

"Hacker"/"Hacking" Sites
- Nightfall Security Group
- 2600 - The Hacker Quarterly
- Las Angeles 2600

Conventions
- ToorCon Computer Security Expo
- Defcon
- Hope2000
- USENIX
- COMDEX



HACK-SEC
ROOT!!!
slashdot
Mail us your ad!


[Main Page] [Downloads] [Photos] [Disclamer] [Directions]
� 2600 Disclamer.