RE: 'Hacker' is too cutesy a word to describe what's really going on

[InfoSec News <isn () c4i org>]

Forwarded from: Richard Thieme <rthieme () thiemeworks com>

An alternative point of view on the use of the word ...

http://www.oreillynet.com/pub/a/network/2002/10/04/hackers.html

Real Hacking Rules!
Or, Before the Word is Totally Useless, What Is the Essence of Hacking?

by Richard Thieme
10/04/2002 

On the tenth anniversary of Def Con, the annual Las Vegas meeting of
computer hackers, security professionals, and others, I reflected on
how the con--and hacking--had changed since I spoke at Def Con 4 seven
years earlier.
 
The word hacker today means everything from digging into a system--any
system--at root level to defacing a Web site with graffiti. Because we
have to define what we mean whenever we use the term, the word is lost
to common usage. Still, post 9/11 and the Patriot Act, it behooves
hackers of any definition to be keenly aware of the ends to which they
hack. Hackers must know their roots and know how to return to "root"
when necessary.

At Def Con 4 I said that hacking was practice for transplanetary life
in the 21st century. I was right. The skills I foresaw as essential
just a short generation ahead have indeed been developed by the best
of the hacker community, who helped to create--and secure--the Net
that is now ubiquitous. But the game of building and cracking
security, managing multiple identities, and obsessing over solving
puzzles is played now on a ten-dimensional chess board. Morphing
boundaries at every level of organizational structure have created a
new game.

In essence, hacking is a way of thinking about complex systems. It
includes the skills required to cobble together seemingly disparate
pieces of a puzzle in order to understand the system; whether modules
of code or pieces of a bigger societal puzzle, hackers intuitively
grasp and look for the bigger picture that makes sense of the parts.
So defined, hacking is a high calling. Hacking includes defining and
defending identity, creating safe boundaries, and searching for the
larger truth in a maze of confusion and intentional disinformation.

In the national security state that has evolved since World War II,
hacking is one means by which a free people can retain freedom.
Hacking includes the means and methodologies by which we construct
more comprehensive truths or images of the systems we hack.

Hackers cross disciplinary lines. In addition to computer hackers,
forensic accountants (whistleblowers, really), investigative
journalists ("conspiracy theorists"), even shamans are hackers because
hacking means hacking both the system and the mind that made it.
That's why, when you finally understand Linux, you understand ...
everything.

The more complex the system, the more challenging the puzzles, the
more exhilarating the quest. Edward O. Wilson said in Consilience that
great scientists are characterized by a passion for knowledge,
obsessiveness, and daring.

Real hackers too.

The Cold War mentality drew the geopolitical map of the world as
opposing alliances; now the map is more complex, defining fluid
alliances in terms of non-state actors, narcotics/weapons-traffickers,
and incendiary terrorist cells. Still, the game is the same: America
sees itself as a huge bulls-eye always on the defensive.

In this interpretation, the mind of society is both target and weapon
and the management of perception--from deception and psychological
operations to propaganda, spin, and public relations--is its
cornerstone.

That means that the modules of truth that must be connected to form
the bigger picture are often exchanged in a black market. The
machinery of that black market is hacking.

Here's an example:

A colleague was called by a source after a major blackout in the
Pacific Northwest. The source claimed that the official explanation
for the blackout was bogus. Instead, he suggested, a non-state
aggressor such as a narco-terrorist had probably provided a
demonstration of power, attacking the electric grid as a show of
force.

"The proof will come," he said, "if it happens again in a few days."

A few days later, another blackout hit the area.

Fast-forward to a security conference at which an Army officer and I
began chatting. One of his stories made him really chuckle.

"We were in the desert," he said, "testing an electromagnetic weapon.
It was high-level stuff. We needed a phone call from the Secretary of
Defense to hit the switch. When we did, we turned out the lights all
over the Pacific Northwest." He added, "Just to be sure, we did it
again a few days later and it happened again."

That story is a metaphor for life in a national security state.

That test took place in a secured area that was, in effect, an entire
canyon. Cover stories were prepared for people who might wander in,
cover stories for every level of clearance, so each narrative would
fuse seamlessly with how different people "constructed reality."

The journalistic source was correct in knowing that the official story
didn't account for the details. He knew it was false but didn't know
what was true. In the absence of truth, we make it up. Only when we
have the real data, including the way the data has been rewritten to
obscure the truth, can we know what is happening.

That's hacking on a societal level. Hacking is knowing how to discern
or retrieve information beyond that which is designed for official
consumption. It is abstract thinking at the highest level, practical
knowledge of what's likely, or might, or must be true, if this little
piece is true, informed by an intuition so tutored over time it looks
like magic.

Post 9/11, the distinction between youthful adventuring and
reconstituting the bigger picture on behalf of the greater good is
critical. What was trivial mischief that once got a slap on the wrist
is now an act of terrorism, setting up a teenager for a long prison
term. The advent of global terrorism and the beginning of the Third
World War have changed the name of the game.

Yet without checks and balances, we will go too far in the other
direction. The FBI in Boston is currently notorious for imprisoning
innocent men to protect criminal allies. I would guess that the agents
who initiated that strategy had good intentions. But good intentions
go awry. Without transparency, there is no truth. Without truth, there
is no accountability. Without accountability, there is no justice.

Hacking ensures transparency. Hacking is about being free in a world
in which we understand that we will never be totally free.

Nevertheless, hackers must roll the boulder up the hill. They have no
choice but to be who they are. But they must understand the context in
which they work and the seriousness of the consequences when they
don't.

Hackers must, as the Good Book says, be wise as serpents and innocent
as doves.

Richard Thieme is a business consultant, writer, and professional
speaker focused on "life on the edge," in particular the human
dimension of technology and the work place, change management and
organizational effectiveness.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.