Silicon Graphics. It's what you do with it.

It takes a hacker to catch a hacker

Part 1: Security experts flock to Las Vegas to recruit hackers
Part 2: Beyond the pranks
Part 3: Merging with the enemy
Part 4: In full swing

Published: August 10, 1997

BY JONATHAN LITTMAN
Special to the Mercury News West magazine


Beyond the pranks

If you're wondering what Def Con stands for, the term, as every hacker knows, is prominently featured in the classic hacker flick ``WarGames,'' and is short for Defense Condition, military jargon for how close we are to nuclear war.

Def Con I nearly capsized when security at the Sands Hotel & Casino booted out three 17-year-olds trying to sleep overnight in the meeting room. Hackers considered getting even: An attendee offered the conference's promoter the password to the computer that ran the casino's operations. Fortunately, he turned down the opportunity.

At Def Con II, the favorite game was ``spot the fed'': vying to identify FBI agents, Secret Service men and NSA spooks who study, record and film the computer underground. Routine pranks have included messing with hotel phone switches and video checkout systems. (Spirited sorts removed parents' blocks on X-rated fare.) In 1995 someone yanked a fire alarm out of the ceiling, dropped it in an elevator and pressed the down button, ripping out a floor of cables. One year, a couple of hackers downloaded 1,700 credit card numbers from Tower Records to show off at the conference. They went to Def Con III all right, and returned home to federal prison sentences.

Last year, female Def Con attendees -- a growing contingent -- began playfully whipping one another, until hotel security burst into the meeting room. Dark Tangent, the clean-cut 27-year-old promoter of the event, was ushered out of the Monte Carlo hotel and casino before guards could find him. He hid in another hotel until it was clear he wasn't a wanted man.

It has become increasingly tough to find a hotel to host the summertime free-for-all in Las Vegas, a city that welcomes porn star conventions. Last summer, the Monte Carlo faxed virtually every other hotel in town about the volatile conference-goers. This year, Dark Tangent found a home in the fading Aladdin by virtue of a hacker-like trick: He modified the name of his Seattle company to DC Communications.

But the fifth Def Con is more than a series of goofy episodes and pranks. This year the conference rose above its amateur roots and celebrated the creative hacker, that symbol of everything wild and frightening in technology.

The hacker ethic

``Here's how it works,'' the long-haired individual who shall go unnamed tells me between slugs on a foot-tall plastic beer glass shaped like Aladdin's lamp.

I've clocked maybe three hours in Vegas, and I'm already faced with one of those prickly hacker dilemmas, the nebulous gray area where establishment ethics and electronic exploration collide. Is he talking about a crime or a clever high-tech dodge?

``You hit 9 and then zero on the phone,'' Longhair continues, describing how to get an outside phone line. Then, he explains how to theoretically do something that might capitalize on an alleged glitch in the hotel's phone switch and save you the hotel's 75-cent access fee.

Another guy at the table, who has wrapped a softball-size wad of lunch meat in napkins, has a more primitive approach to hacking. He plugged his in-room safe into the wall outlet to try to evade paying the $2 a day fee, an experiment that did not go quite as planned. ``His safe is not working,'' says Longhair with a chuckle, adding philosophically, ``Sometimes you have to break a few things.''

Two tables away Paul Leach, an architect in Microsoft's Windows NT group, chews on his lunch. He has come for ``Black Hat Briefings,'' a relatively tame pre-Def Con event designed for corporate and government officials willing to pay $1,000 for two days of talks with hackers. In a session yesterday, a hacker named Mudge pummeled Leach with alleged password weaknesses in Microsoft Windows NT. Mudge claimed that in little more than a day he could crack all the passwords of a 40,000-employee corporation.

Leach doesn't mind being interviewed, but like most corporate folks here he seems to have forgotten his business cards. So far, nearly every corporate-government type I've talked to offers only a first name. As at a 12-step recovery meeting, it's unfashionable to be too nosy. I learned this when I met a fellow who said he works for the intelligence community.

``Which one?'' I asked.

``Let's keep it a community,'' he said with a smile.

Paul Leach says he's cool with true hackers. ``It serves as a de facto review,'' he says, ``as long as they follow the hacker ethic and tell the targets before they reveal the bugs.'' Hacker ethic? It's a term that's been kicked around for decades, and it means something different to the guy at Microsoft than to the guy who just fried his wall safe. It all depends on where you get your money. If you're hacking for the fun or challenge of it or getting paid by a corporation or the government, you're probably following the ``hacker ethic.'' Criminal enrichment, motives of revenge or mass destruction generally don't qualify -- i.e., major credit fraud, Web site slamming, erasing your former employer's billing records.

So who does Microsoft Man think are the true ethical hackers? ``Mudge, Hobbit, Yobbie,'' Leach answers, sounding as if he's naming characters out of Tolkien. Hobbit divides his time between research and consulting in computer security. Yobie Benjamin is the chief knowledge officer of Cambridge Technology Partners, a consulting firm. Mudge has the coolest job description listed in the conference program: ``Mudge works for a 3 letter organization that deals heavily with security, cryptography and various other insundary [sic] fun projects.'' The trio is well known among the cyberelite for uncovering and publicizing bugs -- frequently those found in Microsoft software.

Which naturally leads Leach to express his main concern: Excessive ethics, like anything overdone, might be a bad thing. ``We might get a reaction that borders on hysteria, like the electromagnetic power lines problem,'' he says, grimacing. ``The reality might be far less dangerous than the hype.''

After lunch, Hobbit, who is short and very smart and wearing a psychedelic shirt, is telling a room crowded with corporate and government types that putting data on a Microsoft network is about as safe as walking down a badly lighted city street alone. ``It turns out the best attack is to walk up to the door and twist the knob,'' he says. ``If the front attack doesn't work, you can try. . . . ''

Leach arrives and Hobbit continues his rant. ``If it [the software] does anything it's useless. . . . Once in, you can do a whole lot of nasty things, remote administration, viruses. . . . ''

``Hobbit, this is wrong!'' Leach shouts, jerking his hand up without peeling his eyes from the technical paper Hobbit has distributed. The outburst stirs murmurs in the back row. ``I'd like to try to hold the questions until later.'' Hobbit coolly announces.

Mudge brushes aside his locks, taps my wrist and whispers with a grin, ``This is brand new to Microsoft. He's showing how to break a [Microsoft] fix.'' Microsoft, to the hackers' delight, seems to be finding that patching bugs in its software is like trying to plug holes in a sieve with a single finger. Leach is silent, nervously popping a pen back and forth in his hands behind his back.

``Does Microsoft want to be wide open?'' Hobbit rubs it in, using slides to document supposed weaknesses in how Microsoft protects passwords. ``Microsoft is no help, so who's going to do this? Security people and hackers''

Hobbit goes on: ``What if the Big Six [accounting firms] start disrecommending these products? It might hurt their wallets.'' As the crowd applauds, Leach rushes up to Hobbit. But it's not the angry confrontation you might expect. Leach simply wants to whip his laptop out of his briefcase to prove Hobbit is wrong on some claims. Hobbit is conciliatory. ``I apologize if that sounded abusive at the end.''

At Def Con, hacking Microsoft approaches performance art, with people competing to outdo one another. Later that evening, I am crammed into a taxi with some hackers. A longhair in the front seat starts spinning dials and punching keys on a small electronic device.

``What's that?'' the cab driver asks.

``It's a scanner,'' Longhair replies.

``How much?''

``Three bills.''

Seconds later, the taxi's frequency crackles through and the cab driver laughs at the sound of his dispatcher. Longhair pivots and gets in my face. ``You can't print our names, all right?'' A minute later, he's switched frequencies and pulls the tiny microphone to his lips.

``We've had some problems with Paul Leach,'' he says in a serious voice. ``We need to run a check on him. What's his room number?''

``Who's he talking to?'' I stupidly ask my seatmate.

``Security at the Aladdin,'' he deadpans, as the other riders laugh wildly.

Part 3: Merging with the enemy

Home
News Library
Index
Feedback