Information Security News mailing list archives

Hacking With a Conscience Is a New Trend


From: William Knowles <wk () C4I ORG>
Date: Tue, 21 Nov 2000 01:00:07 -0600

http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2000/11/20/BU121645.DTL&type=tech_article

Carrie Kirby, Chronicle Staff Writer
Monday, November 20, 2000


In the "old days" of the early '90s, the only message a hacker was
likely to leave on a Web page was "I was here" or "Hackers rule."

But now, more and more hackers are using their tricks to spread
socially conscious messages, security experts say. The trend -- dubbed
"hacktivism" -- has shown up in a number of recent incidents:

-- On Election Day, a Democrat hacked the Republican National
Committee Web page and replaced its text with an endorsement of Vice
President Al Gore.

-- Hackers affiliated with Palestinian and Israeli groups have been
attacking one another's Web sites for weeks. In a particularly severe
incident, a pro-Muslim hacker in Pakistan stole the credit card
numbers of members of a U.S. pro-Israel lobbying group and posted them
on the group's Web page for all to see.

-- During the Seattle protests against the World Trade Organization
last year, the "Electrohippies," a group based in Britain, temporarily
shut down the WTO's Web site.

Some even speculate that the recent break-in to Microsoft's source
code -- a serious breach of security -- was not industrial espionage
but hacktivism. The statement? Many programmers say that all source
code should be freely available. Microsoft's hacker may have wanted to
"liberate the source code for the world," said Richard Power, author
of "Tangled Web: Tales of Digital Crime."

"A lot of hackers have grown up and are no longer hacking frivolously,
but hacking for purpose," said Hilmon Sorey, director of strategy for
Gilian Technologies, a security firm in Redwood Shores.

About 1 in 5 hacker attacks he sees are related to "hacktivism," a
combination of hacking and activism, Sorey said.

But hackers aren't just attacking. Some are also creating software
that makes hacktivism easier for the traditional activist. For
example, in China and other restrictive countries, the Web pages of
organizations such as CNN and Amnesty International are often blocked.
But one group is creating a program, called Hacktivismo, that would
help people get around those blockades and access human rights
information and news reports online.

"Oxblood Ruffin," the Canadian hacker leading the project, wants the
final product to be easy to use. Like most hackers, Oxblood Ruffin
masks his identity with a pseudonym. He is part of a hacker club
called the Cult of the Dead Cow, one of the groups behind Back
Orifice, a tool widely used for breaking into Windows networks.

"It's going to be point-and-click, as intuitive as possible," said
Oxblood Ruffin. His team includes "Mixter," the young German who wrote
the program used in February's "denial-of-service" attacks against
Yahoo and other commercial Web sites. Hacktivismo is expected to be in
beta testing by spring, although other programmers warn that it will
not be easy to write.

The combination of hackers getting into activism and activists getting
into hacking will be dangerous for online businesses that may be
targets of both groups, said Ben Venzke, director of intelligence
production for IDefense, a security firm in Fairfax, Va. Hacktivism
can be much more damaging than physical protests, Venzke said.

"Say I want to block the entrance to a fast-food restaurant," Venzke
said. "With a group of activists, I might be able to block two or
three restaurants in my city. How is that really going to affect the
revenues of the national company? But blocking one Web site is the
equivalent of blocking the entrance of every single restaurant in that
chain in the entire world. You're talking about the ability of a group
of activists anywhere in the world to deny a major corporation from
generating revenue."

For years, a few small groups of socially conscious hackers have used
their skills to advance social causes. The practice can be traced to
1998, when a group called the Electric Disturbance Theater conducted
"virtual sit-ins" on the Web sites of the Pentagon and the Mexican
government to bring the world's attention to the plight of Indian
rights in the Mexican state of Chiapas. They succeeded in blacking out
these Web sites for some time using a denial-of-service attack,
similar to the attacks that blocked access to Yahoo and other
e-commerce sites earlier this year.

A denial-of-service attack cripples a Web site using an automated
program that sends the site thousands of requests for information. The
desired result is that the Web site's servers are so swamped that they
can't carry on their regular business.

After a year of virtual sit-ins, the EDT made the software it was
using available on the Internet so anyone could download and use it.
Borrowing a bit of programmer's parlance, they called it the
"Disturbance Developer's Kit."

Within 20 minutes after the program, called Flood Net, became
available, a group called Queer Nation used it to attack an anti-gay
Web site, said Ricardo Dominguez, one of EDT's leaders.

Now, new improvements on Flood Net are making the program more
efficient to use, Venzke said. Flood Net was used against EToys last
year in a campaign to make the Web retailer drop its lawsuit against a
European artist who held the domain name etoy.com. The program is also
one of many tools being used in the cyberattacks related to the
Mideast conflict.

"The next step is adding a chat capability, so that while you're
taking part in an attack, you can chat with all the other
cyber-activists who are taking part," Venzke predicted. "This goes a
long way in trying to get people to actively participate and stay in
the attack for longer periods of time."

Flood Net is old hat to EDT's Dominguez. He's looking forward to more
advanced tools.

"In 2001, you will see more tools, more networks," Dominguez said in
an e-mail interview. Not all of those initiatives will be about
attacking Web sites.

According to Dominguez, one program that shows hacktivism's potential
is Freenet, an independent Internet-like network that can't be
censored or controlled by the government because it has no central
authority. Like music trading system Gnutella, Freenet is hosted by
volunteers all over the world.

To be sure, with the tools now available, hacktivists could be causing
much more damage than they already have. The program used against
Yahoo and other e-commerce sites in February, Tribal Flood Network,
is much more powerful than Flood Net, and it, too, is freely
available.

But most hacktivist groups don't use Tribal Flood Network. Paul Mobbs,
leader of the Electrohippies, explained that because TFN allows a
single person to launch a crippling attack against a Web site, it's
not democratic.

The Electrohippies prefer Flood Net, which they used to attack
Monsanto and other food companies in its protests against genetic
engineering.

"Our mode of action specifically means that you simultaneously need
tens of thousands of people thinking the same to achieve any notable
success," Mobbs wrote on the group's Web site,
www.gn.apc.org/pmhp/ehippies.

But other groups, such as the Cult of the Dead Cow, say that no matter
how many people are involved, blocking someone's Web site -- or
replacing a Web site with one's own text -- violates free speech.

"That's lame and it's an infringement of the First Amendment," said
Oxblood Ruffin. "You don't make a better argument by shouting them
down in public."

Oxblood Ruffin hopes that mainstream activist groups like Amnesty
International will help host servers and distribute the Hacktivismo
software when it is completed. While Venzke says he has seen offline
activist groups recruiting hackers at conferences like DefCon, groups
like Amnesty International say for the record that they won't touch
hacktivism.

"That's something I'm sure that Amnesty activists would not be
involved in. Especially not if it entails something illegal," said
Susan Forste, Amnesty International's Web coordinator.

But Amnesty's offline tactics tend to steer clear of civil
disobedience too, Forste noted.

More radical groups like Berkeley's Ruckus Society, which trains
activists for on-the-ground protests, are more open to the idea of
hacktivism.

"It would really depend on the goal and the intent," said Ruckus
Society program director Han Shan. "We are planning a camp in the next
year or so where we will hopefully explore the frontiers of activism.
I'm sure we will be touching on hacktivism."

E-mail Carrie Kirby at ckirby () sfchronicle com.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com