- The Washington Times - Wednesday, February 16, 2000

In the beginning, the term "hacker" was a badge of pride. They were the people who could cleverly craft the code you needed, could make the software sing and dance. A "hack" was a piece of work that did the job; a "good hack" was a thing of beauty.

Elegance mattered, and style. A sushi programmer could slice code thinly enough to see through, writing small programs with a few lines of instruction that could outperform bloated commercial software 10 times as long.

At some point, "hacker" took on an outlaw connotation and a hack became an outside-in operation. You hacked into things passwords, say to enter forbidden systems. The legendary early hackers romanticized themselves as paladins who could take on an establishment Unix box and singlehandedly score one for the little guy. The motto was "Information wants to be free," and any government database or Fortune 500 computer with restrictive security was practically begging for these Robin Hoods to set things right.

Yes, technically they were stealing. The phone phreaks hacked into telephone systems and stole long-distance time, for instance, though that was mainly just a way of keeping score. (Guys named FoneFantom weren't really in the market for a lot of toll calls to Argentina.)

By and large, such hackers did no damage. Their vital role in the emerging cyberecology was as predators improving the herd by weeding out the weak. Phreakers and hackers forced buttoned-down, establishment nerd programmers to scrutinize security, to close some of the trapdoors built into software programs and operating systems, to think intelligently about what needed protection and what ought to be open.

It was a liberating idea, that renegade hackers could penetrate Microsoft's copy protection schemes or find a way into Ma Bell's change purse. Freedom blew on the hacker breeze, a whiff of cowboy justice, an appeal to the anarchist in us all.

But at some point nearly every weekend anarchist craves order, and that day was not long coming. Perhaps inevitably, the old hacker ethic began to mutate when the cyberculture started to go mainstream. Virus attacks evolved from gotcha to malice. There was nothing romantic about losing all the information on your hard drive to a Melissa virus. None of us liked paying the increased cost of data security at the bank just because some teen-ager wanted to watch a big computer go boom.

The attacks now undermining major Web sites with denial-of-service assaults represent yet another mutation, this time into apparent vandalism that original hackers would certainly have disdained as simple-minded and low class. And so they are.

In fact, as many a smart teen-ager knew instantly, these aren't hackers at all; they are known, derisively, as "script kiddies" and "packet monkeys" plug-and-play copycats who simply implement the clever (if destructive) work of somebody else.

As the Internet and World Wide Web integrate ever-more into everyday life, then inevitably everyday problems will attach. Vandals spray-paint bank walls because they're the biggest buildings in town. They carpet-bomb eBay and Amazon.com with the digital equivalent of stink bombs for much the same reason.

The Internet is especially vulnerable because it is, at the DNA-level, an open system. It's like a library or a public park: You could keep it cleaner and safer by locking the doors and not letting anybody in. But a building full of locked-up books isn't a library any more.

It's taken as a truism of the Internet that its distributed, decentralized structure simply routes around damage, absorbing disruption and patching over problems. So far that's true, and the Chicken Little skeptics and cynics predicting its collapse for years have been discredited.

They are re-emerging now as "network security consultants" and headline-seeking politicians who want restrictive access policies and new laws to "protect the Internet." Like the people who want to eliminate graffiti by keeping every kid off the streets after sunset, these folks prescribe draconian cures because they're looking for an unrealistic and unnecessary level of assurance and security.

A worried Bay Area computer user fretted in print about online disruptions after the denial-of-service attacks last week: "I'm seeing that no matter what safety and controls they come up with, they're not really fail-safe."

No kidding. And you know what? The rest of life isn't fail-safe either. People steal credit card statements from mailboxes and snatch cars parked at the mall. But that doesn't mean we shouldn't use credit cards or drive. Likewise, it doesn't mean we should so restrict Internet use that it becomes more trouble than it's worth. Let's not get too exercised about new rules and regulations "to save the Internet" it doesn't need to be saved.

Howard Weaver is editor of The Sacramento Bee's editorial pages in which this article appeared prior to distribution by Scripps Howard News Service.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide