Hackers, Crackers, Phreaks and Geeks
12.44 p.m. ET (1644 GMT) September 4, 1999
By Stephanie Izarek - Fox News

NEW YORK — If your perception of a hacker is a stringy-haired, socially inept teenager hunched over a PC in his mother's basement downloading secrets from government servers, you may be right.

But if you were one of the countless people who took advantage of the recent Hotmail hole "just to see" if you could check out other people's email, then you, my friend, are a hacker too.

Nearly all the media's coverage of hackers has been negative. Highly publicized instances of credit-card fraud, virus outbreaks, Web site vandalism and information warfare have helped perpetuate an already one-sided story. Hackers think they've been dealt a raw deal, and the public trembles at the mere mention of the word.

In reality, though, the hacker community is much more diverse in its membership and philosophy than you might imagine, with the majority of members holding regular, professional jobs. They are also often called upon by corporations and the government to solve network and security problems so the public can cruise along in safety.

"Most hackers I have met do tend to fit the stereotype of young white males, but because of those who hide their identities and gender, there is no way to know," says Pserv, a 20-year-old female computer consultant.

Interestingly, the number of women hackers is on the upswing, says Tazinator, president of HFX International, a liberation group founded to bring information about technology, computers, and the Net to the public. "Females may have to work a little harder to prove themselves as knowledgeable, but the vast majority of guys I know are very accepting. They think it's cool," says Pserv.

Demographics aside, "the hysteria is unwarranted," says Tazinator, whose group's main goal is to improve the public image of hackers. "I've been in the circuit for about 15 years, and people are really afraid of hackers. No one wants to talk to you if they know that's what you do."

Tazinator blames the media for the misconception that all hackers set out to do harm. "They don't take apart the issue to explain it. It's not bad reporting, just incomplete. The other problem is the few 'crackers' who torment innocent people. The rumor mill starts, and suddenly everyone is afraid of hackers."

Criminal defense lawyer Jennifer Granick agrees that not all hackers are bad. "After some media attention, hacking came to be seen as cool and underground, but at the same time criminal. Skills can be used for good or for bad. As a whole, hackers are just technologically adept, relatively young, curious people. Just like there are bank robbers and spies, (technology) is just another tool for that."

"As more of society goes onto the Internet, it becomes more of a mirror of society," says Katie Hafner, co-author of Cyberpunk and Where Wizards Stay Up Late. "Everybody's doing everything that they do in the physical world, but people are still afraid because it's new."

Defining the Terms

The terminology in and around the hacking community has become garbled as well. According to Granick, criminal hacking refers to unauthorized access to computer systems, period. But some argue that intent matters more. Cracking is the term used to describe hacking with no ethics and malicious intent.

Unfortunately, Tazinator says a pretty large segment of the community does fall into this category. "I use this term to refer to the juvenile delinquents who crash and virus systems. They think it's cool and funny. These people are push-button hackers who rely on someone else's programming to get what they want to do done. Our goal is to change the outlook."

Another type of hack, called phreaking, is prevalent. This group accesses phone networks to make free phone calls or rerouting phone calls for a prank. "I know a few people who deal with it," says Tazinator. "But I don't feel it's a bad, bad thing, given the outrageous costs of phone calls."

Azira, a computer science student, blames the lack of a word to describe something between hacking and cracking. "Take someone who writes a program that exploits a security bug in a program like Microsoft Office, but does not actually alter any data. That person may not have any malicious intent and hence, refers to him or herself as a hacker. Their only motivation is to make the bug known to the public on the premise that information should be free."

Microsoft sees this person as a threat to their public image, says Azira. "Has our intrepid hacker done something bad? That depends. They didn't break anything, but they have certainly made it easier for others to do so. They are in a moral and ethical gray area."

The line between public and private is also blurred somewhat. "The line of trespass is not as clear in the electronic world as it might be in the physical world," says Granick. "Anyone can see the line that marks an entrance into someone's house. There may be no interest in hurting anyone. But people need to know that the law prohibits mere trespass, even if the motivation is the same as looking around an abandoned building." Hafner adds, "Hacking in a broad scope, is unauthorized access. But then you can start nitpicking; what if you don't need a password?"

"There are more malicious burglars than there are hackers. And I consider my computer to be a little more public then my house," says Azira. "If someone broke into my house I would be upset, regardless of whether or not they took anything. If someone broke into my computer, that would not upset me. If they proceeded to delete all of my files, however, then I would be very much upset."

Why Hack?

If it's legally and morally unclear, then why hack at all? There are countless reasons, but most hackers are motivated by one thing: Curiosity.

"I do it for the discovery of the hidden. I like to take things apart and see why they work or don't work," says Pserv.

Azira says, "Some night I might think to myself 'Gee, I wonder if I can get my computer to page me whenever I get email from my friend Bob.' Not that I really need that to happen, but it is fun."

Female hacker Samarac, also known as The Conductor, founder of Underground Railroad and press relations director for HFX International, says, "I see myself as a purist hacker from the old school. It's learning about how computers and programming works. The worthwhile part is expanding your knowledge. People need to use the skills for creativity instead of maliciousness."

Improving technology and computer products weighs heavy on the minds of many hackers, as well. Tazinator says, "If we find a hole, we make it known. We contact Microsoft twice. If they still ignore us, we'll go public with a press release."

As for the bunch that does fish for credit cards, makes political statements, harasses people or just wants bragging rights, the consensus in the community is that it's not real hacking and those folks don't have the higher-level skills anyway.

"It's just the latest form of rebellion," says Samarac. "Normally, there is no desire to get into a common person's computer unless you ticked them off. It's become an image thing more than anything else — as opposed to learning."

"In my experience most malicious stuff is actually done generally by disgruntled employees," adds Granick. "Not the fourteen-year-old."

Despite the fear factor, there is a huge business market for good hackers. At DefCon, an annual hackers' conference, the FBI, CIA and corporations set up booths to recruit hackers for employment. "Several businesses have approached me to come in and teach their programmers and to break into their business networks to test security," says Samarac.

There may be no other way to test for security, but critics say that this rewards unethical behavior. Hafner says that the motivation to hack for some is often money. "And there are always those who stay on the dark side and become hackers for hire for corporate espionage. This is where it all gets really scary. It's the new battleground; information is the commodity of the next century."

Because this is a relatively new category of crime, it's interesting both from a tech and legal standpoint. Currently, committing a crime with a PC, such as tapping into a credit card database is tried at the federal level, whereas the comparable crime of stealing 15 numbers out of a restaurant garbage can is tried at the state level, with a lesser sentencing.

"Whenever a new technology is introduced people become fearful and try to use criminal law to control it," says Granick. "But the precedents we set now will be with us for long time. It's extra important that we do it right, so we aren't living with bad law. We want to promote computer security at the same time we promote knowledge and personal freedom. Right now, it might not be enough on the side of freedom."

Granick says that the metaphor of breaking into someone's house exaggerates the fear factor, too. "A computer is not a person's house, and we're not talking about the same level of danger or the same level of violation. We need to distinguish between something that is truly dangerous or immoral and something which is just inconvenient."

To Fear or Not to Fear?

In the end, should we be afraid of hackers?

"Be wary. Don't be afraid," says Tazinator. "The big name groups are reputable, and they don't break in and crash systems just because they feel like it; it's more to make it secure for the user."

"There is a whole stratification of hackers — the mischief-makers, the curiosity seekers and the rebels," says Hafner. "I wouldn't worry about the little guys. I'd worry about a whole world of information warfare that is all about terrorism and foreign power against foreign power."

"Remember," says Pserv, "hackers of one kind or another built the first computers and the Internet, and made possible the technology that we depend on every day. The hacker spirit is one of curiosity, perseverance and perfectionism, and is not to be feared. Though technology has become all-pervasive in today's world, the average person still does not understand how it really works."