The Computer Underground

The Computer Underground THE BAUDY WORLD OF THE BYTE BANDIT: A POSTMODERNIST INTERPRETATION OF THE COMPUTER UNDERGROUND Gordon Meyer and Jim Thomas Department of Sociology Northern Illinois University DeKalb, IL 60115 (5 March, 1990) An earlier version of this paper was presented at the American Society of Criminology annual meetings, Reno (November 9, 1989). Authors are listed in alphabetical order. Address correspondence to Jim Thomas. We are indebted to the numerous anonymous computer underground participants who provided information. Special acknowledgement goes to Hatchet Molly, Jedi, The Mentor, Knight Lightning, and Taran King.

ABSTRACT The criminalization of “deviant acts” transforms social meanings into legal ones. Yet, legal meanings are not necessari- ly social meanings. The legitimacy of statutory social control generally requires that one accept the realist textual readings of those with the power to interpret and stigmatize behaviors as inappropriate. “Moral crusades” that lead to definitions of criminalized deviance tend to reduce the meanings of polysemic acts to unidimensional ones that limit understanding of both the nature of the acts and their broader relationship to the culture in which they occur. This has occured with the criminalization of computer phreaking and hacking. In this paper, we examine the computer underground as a cultural, rather than a deviant, phe- nomenon.

Our data reveal the computer underground as an invisi- ble community with a complex and interconnected culture, depen- dent for survival on information sharing, norms of reciprocity, sophisticated socialization rituals, and an explicit value sys- tem. We suggest that the dominant image of the computer under- ground as one of criminal deviance results in a failure to appre- ciate cultural meaning. We conclude by arguing that there are characteristics of underground activity that embrace a postmoder- nist rejection of conventional culture. – ii – THE BAUDY WORLD OF THE BYTE BANDIT: A POSTMODERNIST INTERPRETATION OF THE COMPUTER UNDERGROUND Hackers are “nothing more than high-tech street gangs” (Federal Prosecutor, Chicago). Transgression is not immoral.

Quite to the contrary, it reconciles the law with what it forbids; it is the dia- lectical game of good and evil (Baudrillard, 1987: 81). There ain’t no sin and there ain’t no virtue. There’s just stuff people do. It’s all part of the nice, but that’s as far as any man got a right to say (Steinbeck, 1939:31-32). The criminalization of “deviant acts” transforms and reduces social meanings to legal ones.

Legal meanings are not necessari- ly social meanings. Most deviancy research tends to reproduce conventional social ideology and operative definitions of normal- ity within its concepts and theories. On occasion, these mean- ings represent a form of “class politics” that protect the power and privilege of one group from the challenge of another: Divorcing moral crusades from status group competition while denying that cultures are linked to social class- es has undermined attempts to link lifestyle politics to group struggles (Beisel, 1990: 45). Once a category of behaviors has become defined by statute as sanctionably deviant, the behaviors so-defined assume a new set of meanings that may obscure ones possessed by those who en- gage in such behaviors. “Computer deviants” provide one example of a criminalized type of “lifestyle politics.” The proliferation of computer technology has been accompa- nied by the growth of a computer underground (CU), often mistak- enly labeled “hackers,” that is perceived as criminally deviant by the media, law enforcement officials, and researchers.

Draw- ing from ethnographic data, we offer a cultural rather than a criminological analysis of the underground by suggesting that it reflects an attempt to recast, re-appropriate, and reconstruct the power-knowledge relationship that increasingly dominates the ideology and actions of modern society. Our data reveal the com- puter underground as an invisible community with a complex and interconnected cultural lifestyle, an inchoate anti-authoritarian political consciousness, and dependent on norms of reciprocity, sophisticated socialization rituals, networks of information sharing, and an explicit value system. We interpret the CU cul- ture as a challenge to and parody of conventional culture, as a playful attempt to reject the seriousness of technocracy, and as an ironic substitution of rational technological control of the present for an anarchic and playful future. Stigmatizing the Computer Underground The computer underground refers to persons engaged in one or more of several activities, including pirating, anarchy, hacking, and phreaking[1]. Because computer underground participants freely share information and often are involved collectively in a single incident, media definitions invoke the generalized meta- phors of “conspiracies” and “criminal rings,” (e.g., Camper, 1989; Zablit, 1989), “modem macho” evil-doers (Bloombecker, 1988), moral bankruptcy (Schwartz, 1988), “electronic trespas- sers” (Parker: 1983), “crazy kids dedicated to making mischief” (Sandza, 1984: 17), “electronic vandals” (Bequai: 1987), a new “threat” (Van, 1989), saboteurs (“Computer Sabateur,” 1988), se- cret societies of criminals (WMAQ, 1990), and “high-tech street gangs” (“Hacker, 18,” 1989). These images have prompted calls for community and law enforcement vigilance (Conly and McEwen, 1990: 2) and for application of the Racketeer Influenced and Cor- rupt Organizations (RICO) Act to prosecute and control the “crim- inals” (Cooley, 1984).

These images fail to distinguish under- ground “hobbyists,” who may infringe on legal norms but have no intention of pillaging, from felonious predators, who use tech- nology to loot[2]. Such terminology provides a common stock of knowledge that formats interpretations of CU activity in ways pre-patterned as requiring social control to protect the common- weal (e.g., Altheide, 1985). As Hollinger and Lanza-Kaduce (1988: 119), Kane (1989), and Pfuhl (1987) observed, the stigmatization of hackers has emerged primarily through value-laden media depictions. When in 1990 a Cornell University graduate student inadvertently infected an in- ternational computer network by planting a self-reproducing “vi- rus,” or “rogue program,” the news media followed the story with considerable detail about the dangers of computer abuse (e.g., Allman, 1990; Winter, 1988). Five years earlier, in May of 1983, a group of hackers known as “The 414’s” received equal media at- tention when they broke into the computer system of the Sloan Kettering Cancer research center. Between these dramatic and a- typical events, the media have dramatized the dangers of computer renegades, and media anecdotes presented during Congressional legislative debates to curtail “computer abuse” dramatized the “computer hacking problem” (Hollinger and Lanza-Kaduce, 1988: 107). Although the accuracy and objectivity of the evidence has since been challenged (Hollinger and Lanza-Kaduce 1988: 105), the media continue to format CU activity by suggesting that any com- puter-related felony can be attributed to hacking. Additionally, media stories are taken from the accounts of police blotters, se- curity personnel, and apprehended hackers, each of whom have dif- ferent perspectives and definitions.

This creates a self-rein- forcing imagery in which extreme examples and cursively circulated data are discretely adduced to substantiate the claim of criminality by those with a vested interest in creating and maintaining such definitions. For example, Conly and McEwen (1990) list examples of law enforcement jurisdictions in which special units to fight “computer crime,” very broadly defined, have been created. These broad definitions serve to expand the scope of authority and resources of the units. Nonetheless, de- spite criminalization, there is little evidence to support the contention that computer hacking has been sufficiently abusive or pervasive to warrant prosecution (Michalowski and Pfuhl, forth- coming). As an antidote to the conventional meanings of CU activity as simply one of deviance, we shift the social meaning of CU behavior from one of stigma to one of culture creation and meaning.

Our work is tentative, in part because of the lack of previous substantive literature and in part because of the complexity of the data, which indicate a multiplicity of subcultures within the CU. This paper examines of two distinct CU subcultures, phreaks and hackers, and challenges the Manichean view that hackers can be understood simply as profaners of a sacred moral and economic order. The Computer Underground and Postmodernism The computer underground is a culture of persons who call computer bulletin board systems (BBSs, or just “boards”), and share the interests fostered by the BBS. In conceptualizing the computer underground as a distinct culture, we draw from Geertz’s (1973: 5) definition of culture as a system of meanings that give significance to shared behaviors that must be interpreted from the perspective of those engaged in them. A culture provides not only the “systems of standards for perceiving, believing, evalu- ating, and acting” (Goodenough, 1981: 110), but includes the rules and symbols of interpretation and discourse for partici- pants: In crude relief, culture can be understood as a set of solutions devised by a group of people to meet specific problems posed by situations they face in com- mon.

. . This notion of culture as a living, historical product of group problem solving allows an approach to cultural study that is applicable to any group, be it a society, a neighborhood, a family, a dance band, or an organization and its segments (Van Maanen and Barley, 1985: 33). Creating and maintaining a culture requires continuous indi- vidual or group processes of sustaining an identity through the coherence gained by a consistent aesthetic point of view, a moral conception of self, and a lifestyle that expresses those concep- tions in one’s immediate existence and tastes (Bell, 1976: 36). These behavioral expressions signify a variety of meanings, and as signifiers they reflect a type of code that can be interpreted semiotically, or as a sign system amenable to readings indepen- dent of either participants or of those imposed by the super-or- dinate culture: All aspects of culture possess a semiotic value, and the most taken-for-granted phenomena can function as signs: as elements in communication systems governed by semantic rules and codes which are not themselves directly apprehended in experience.

These signs are, then, as opaque as the social relations which produce them and which they re-present (Hebdige, 1982: 13). It is this symbolic cultural ethos, by which we mean the style, world view, and mood (Hebdige, 1979), that reflects the postmodernist elements of the CU and separates it from modernism. Modernist culture is characterized especially by rationality, technological enhancement, deference to centralized control, and mass communication. The emergence of computer technology has created dramatic changes in social communication, economic trans- actions, and information processing and sharing, while simultane- ously introducing new forms of surveillance, social control, and intrusions on privacy (Marx, 1988a: 208-211; Marx and Reichman, 1985). This has contributed to a: . . .

richly confused and hugely verbal age, energized by a multitude of competing discourses, the very pro- liferation and plasticity of which increasingly determine what we defensively refer to as our reality (New- man, 1985: 15). By Postmodernism we mean a reaction against “cultural moder- nity” and a destruction of the constraints of the present “maxi- mum security society” (Marx, 1988b) that reflect an attempt to gain control of an alternative future. In the CU world, this con- stitutes a conscious resistance to the domination of but not the fact of technological encroachment into all realms of our social existence. The CU represents a reaction against modernism by of- fering an ironic response to the primacy of a master technocratic language, the incursion of computers into realms once considered private, the politics of techno-society, and the sanctity of es- tablished civil and state authority. Postmodernism is character- ized not so much by a single definition as by a number of inter- related characteristics, including, but not limited to: 1. Dissent for dissent’s sake (Lyotard, 1988). 2.

The collapse of the hierarchical distinction between mass and popular culture (Featherstone, 1988: 203). 3. A stylistic promiscuity favoring eclecticism and the mix- ing of codes (Featherstone, 1988: 203). 4. Parody, pastiche, irony, playfulness and the celebration of the surface “depthlessness” of culture (Featherstone, 1988: 203).

5. The decline of the originality/genius of the artistic pro- ducer and the assumption that art can only be repetitious (Featherstone 1988: 203). 6. The stripping away of social and perceptual coordinates that let one “know where one is” (Latimer, 1984: 121). 7.

A search for new ways to make the unpresentable presenta- ble, and break down the barriers that keep the profane out of everyday life (Denzin, 1988: 471). 8. The introduction of new moves into old games or inventing new games that are evaluated pragmatically rather than from some uniform stand point of “truth” or philosophical discourse (Callinicos, 1985: 86). 9. Emphasis on the visual over the literary (Lash, 1988: 314). 10.

Devaluation of formalism and juxtaposition of signifiers taken from the banalities of everyday life (Lash, 1988: 314). 11. Contesting of rationalist and/or didactive views of cul- ture (Lash, 1988: 314). 12. Asking not what a cultural text means, but what it does (Lash, 1988: 314). 13.

Operation through the spectator’s immersion, the relative- ly unmediated investment of his/her desire in the cultural object (Lash, 1988: 314). 14. Acknowledgement of the decenteredness of modern life and “plays with the apparent emptiness of modern life as well as the lack of coherence in modern symbol systems” (Man- ning, 1989: 8). “Post-Modernism” in its positive form constitutes an intel- lectual attack upon the atomized, passive and indifferent mass culture which, through the saturation of electronic technology, has reached its zenith in Post-War American (Newman, 1985: 5). It is this style of playful rebellion, irreverent subversion, and juxtaposition of fantasy with high-tech reality that impels us to interpret the computer underground as a postmodernist culture. Data and Method Obtaining data from any underground culture requires tact. BBS operators protect the privacy of users and access to elite boards, or at least to their relevant security levels, virtually always requires completion of a preliminary questionnaire, a screening process, and occasional voice verification.

Research- ers generally do not themselves violate laws or dominant norms, so they depend on their informants for potentially “dirty infor- mation” (Thomas and Marquart, 1988). Our own data are no excep- tion and derive from several sources. First, the bulk of our data come from computer bulletin board systems. BBSs are personal computers (PCs) that have been equipped with a telephone modem and special software that con- nects users to other PCs by telephone. After “logging in” by supplying a valid user name and password, the user can receive and leave messages to other users of the system.

These messages are rarely private and anyone calling the BBS can freely read and respond to them. There is usually the capacity to receive (down- load) or send (upload) text files (“G-philes”) or software pro- grams between the caller and host system. We logged the message section of CU BBSs to compile documen- tary evidence of the issues deemed important for discussion by participants. Logs are “captured” (recorded using the computer buffer) messages left on the board by users. Calculating the quantity of logged data is difficult because of formatting vari- ance, but we estimate that our logs exceed 10,000 printed pages.

The logs cited here are verbatim with the exception of minor editing changes in format and extreme typographical errors. Identifying underground BBSs can be difficult, and to the uninitiated they may appear to be licit chat or shareware boards. For callers with sufficient access, however, there exist back- stage realms in which “cracking” information is exchanged and private text or software files made available. With current technology, establishing a BBS requires little initial skill. Most boards are short-lived and serve only local or regional callers.

Because of the generally poor quality and amateur na- ture of these systems, we focused on national elite boards. We considered a board “elite” if it met all of the following charac- teristics: At least one quarter of the users were registered out- side the state of the board called; the phone line were exclu- sively for BBS use and available 24 hours a day; and the information and files/warez were current “state of the field.” Elite CU members argue that there are less than ten “truly elite” p/hacker boards nationally. We obtained the names and numbers of BBSs from the first boards we called, and used a snowball technique to supplement the list. We obtained additional numbers from CU periodicals, and, as we became more familiar with the culture, users also added to the list. Our aggregate data include no less than 300 Bulletin board systems, of which at least 50 attract phreaks and hackers, and voice or on-line interviews with no less than 45 sysops (op- erators of BBS systems) and other active CU participants.

A second data source included open-ended voice and on-line interviews with hackers, phreaks and pirates. The data include no less than 25 face-to-face, 25 telephone, and 60 on-line inter- views obtained as we became familiar with our informants. Third, data acquisition included as much participation as legally possible in CU activities[3]. This served to justify our presence in the culture and provided information about the mun- dane activity of the CU. Finally, we obtained back and current issues of the primary underground computerized magazines, which are distributed on na- tional BBSs as text files.

These contain information relevant to the particular subculture, and included PHRACK, Activist Times Incorporated (ATI), P/Hun, 2600 Magazine, PIRATE, TAP, and Legion of Doom (LoD/H). We also draw data from national and interna- tional electronic mail (e-mail) systems on which an active infor- mation-sharing CU network has developed and spread. Assessing the validity and reliability of data obtained in this manner creates special problems. One is that of sampling. The number of boards, their often ephemeral existence, and the problem of obtaining access makes conventional sampling impossible.

We focused on national boards and engaged in theoretical sampling (Glaser and Strauss, 1967: 45-77). We consider our sam- ple representative, and accept Bordieu’s observation that: If, following the canon dictated by orthodox methodology, you take a random sample, you mutilate the very ob- ject you have set out to construct. If, in a study of the field of lawyers, for instance, you do not draw the President of the Supreme Court, or if, in an inquiry into the French intellectual field of the 1950s, you leave out Jean-Paul Sartre, or Princeton University in a study of American academics, your field is destroyed, insofar as these personas or institutions alone mark a crucial position–there are positions in a field which command the whole structure (Bordieu, interviewed in Wacquant, 1989: 38). We judge our sample of participants adequate for several reasons. First, we presume that the members with whom we have had contact comprise the elite members of the culture, as deter- mined by the nature of the boards they were on, references to them on national boards, the level of expertise displayed in their messages, and their appearance in the “user lists” of elite boards.

We consider the BBSs to be “typical exemplars” because of their status in the culture, because of the level of sophisti- cation both of users and of message content, and because of ref- erences to these boards as “elite” in CU periodicals. The Computer Underground The computer underground is both a life style and a social network. As a lifestyle, it provides identity and roles, an op- erational ideology, and guides daily routine. As a social net- work, it functions as a communications channel between persons engaged in one of three basic activities: Hacking, phreaking, and pirating[4]. Each subgroup possesses an explicit style that includes an ethic and “code of honor,” cohesive norms, career paths, and other characteristics that typify a culture (Meyer, 1989a, 1989b;; Meyer and Thomas, 1989).

Hebdige (1982: 113-117) used the concept of homology to de- scribe the structural unity that binds participants and provides the “symbolic fit between the values and life-styles of a group” and how it expresses or reinforces its focal concerns. Homology refers to the affinity and similarities members of a group share that give it the particular cultural identity. These shared al- ternative values and actions connect CU members to each other and their culture, and create a celebration of “otherness” from the broader culture. Hackers (Tune: “Put Another Nickel in”) Put another password in, Bomb it out, and try again, Try to get past logging in, Were hacking, hacking, hacking. Try his first wife’s maiden name, This is more than just a game, It’s real fun, but just the same It’s hacking, hacking, hacking. Sys-call, let’s try sys-call.

Remember, that great bug from Version 3, Of R S X, It’s here! Whoopee! Put another sys-call in, Run those passwords out and then, Dial back up, we’re logging on, We’re hacking, hacking, hacking. (The Hacker Anthem, by Chesire Catalyst) Hacking broadly refers to attempts to gain access to comput- ers to which one does not possess authorization. The term “hack- ers” first came into use in the early 1960’s when it was applied to a group of pioneering computer aficionados at MIT (Levy, 1984). Through the 1970s, a hacker was viewed as someone obs- essed with understanding and mastering computer systems (Levy 1984). But, in the early 1980’s, stimulated by the release of the movie “War Games” and the much publicized arrest of a “hacker gang” known as “The 414s”, hackers were seen as young whiz-kids capable of breaking into corporate and government computer sys- tems (Landreth 1985:34).

The imprecise media definition and the lack of any clear understanding of what it means to be a hacker results in the mis-application of the label to all forms of com- puter malfeasance. Despite the inter-relationship between phreaks and hackers, the label of “hacker” is generally reserved for those engaged in computer system trespassing. For CU participants, hacking can mean either attempting to gain access to a computer system, or the more refined goals of exploring in, experimenting with, or testing a computer system. In the first connotation, hacking re- quires skills to obtain valid user accounts on computer systems that would otherwise be unavailable, and the term connotes the repetitive nature of break-in attempts. Once successful entry is made, the illicit accounts are often shared among associates and described as being “freshly (or newly) hacked.” The second connotation refers to someone possessing the knowledge, ability, and desire to fully explore a computer sys- tem.

For elite hackers, the mere act of gaining entry is not enough to warrant the “hacker” label; there must be a desire to master and skill to use the system after access has been achieved: It’s Sunday night, and I’m in my room, deep into a hack. My eyes are on the monitor, and my hands are on the keyboard, but my mind is really on the operating system of a super-minicomputer a thousand miles away – a super-mini with an operating systems that does a good job of tracking users, and that will show my activities in its user logs, unless I can outwit it in the few hours before the Monday morning staff arrives for work…Eighteen hours ago, I managed to hack a pass- word for the PDP 11/44. Now, I have only an hour or so left to alter the user logs. If I don’t the logs will lead the system operators to my secret account, and the hours of work it took me to get this account will be wasted (Landreth, 1985: 57-58). An elite hacker must experiment with command structures and explore the many files available in order to understand and ef- fectively use the system.

This is sometimes called “hacking around” or simply “hacking a system”. This distinction is neces- sary because not all trespassers are necessarily skilled at hack- ing out passwords, and not all hackers retain interest in a sys- tem once the challenge of gaining entry has been surmounted. Further, passwords and accounts are often traded, allowing even an unskilled intruder to erroneously claim the title of “hacker.” Our data indicate that, contrary to their media image, hack- ers avoid deliberately destroying data or otherwise damaging the system. Doing so would conflict with their instrumental goal of blending in with the average user to conceal their presence and prevent the deletion of the account. After spending what may be a substantial amount of time obtaining a high access account, the hacker places a high priority on not being discovered using it, and hackers share considerable contempt for media stories that portray them as “criminals.” The leading CU periodicals (e.g., PHRACK, PIRATE) and several CU “home boards” reprint and disseminate media stories, adding ironic commentary. The percep- tion of media distortion also provides grist for message sec- tions: A1: I myself hate newspaper reporters who do stories on hackers, piraters, phreaks, etc..because they always make us sound like these incred.

%sic% smart people (which isn’t too bad) who are the biggest threat to to- days community. Shit..the BEST hackers/phreaks/etc will tell you that they only do it to gain information on those systems, etc..(Freedom – That’s what they call it..right?) (grin) A2: Good point..never met a “real p/h type yet who was into ripping off. To rip of a line from the Steve Good- man song (loosely), the game’s the thing. Even those who allegedly fly the jolly rodger %pirates%, the true ones, don’t do it for the rip-off, but, like monopoly, to see if they can get Boardwalk and Park Place without losing any railroads. Fun of the latter is to start on a board with a single good game or util %software util- ity% and see what it can be turned into, so I’m told.

Fuck the press (DS message log, 1989). One elite hacker, a member of a loose-knit organization re- cently in the national news when some participants were indicted for hacking, responded to media distortions of the group by is- sueing an underground press release: My name is %deleted%, but to the computer world, I am %deleted%. I have been a member of the group known as Legion of Doom since its creation, and admittedly I have not been the most legitimate computer user around, but when people start hinting at my supposed Communist- backed actions, and say that I am involved in a world- wide conspiracy to destroy the nation’s computer and/or 911 network, I have to speak up and hope that people will take what I have to say seriously. . .

. People just can’t seem to grasp the fact that a group of 20 year old kids just might know a little more than they do, and rather than make good use of us, they would rather just lock us away and keep on letting things pass by them. I’ve said this before, you can’t stop burglars from robbing you when you leave the doors unlocked and merely bash them in the head with baseball bats when they walk in. You need to lock the door. But when you leave the doors open, but lock up the peo- ple who can close them for you another burglar will just walk right in (“EB,” 1990).

Although skirting the law, hackers possess an explicit ethic and their primary goal is knowledge acquisition. Levy (1984: 26-36) identifies six “planks” of the original hacker ethic, and these continue to guide modern hackers: 1. First, access to computers should be unlimited and total: “Always yield to the Hands-On Imperative!” 2. Second, all information shoul …