Computer Crime Research Center


'Hackers are necessary': Q&A with Emmanuel Goldstein of 2600: The Hacker's Quarterly

Date: April 19, 2004
By: Emmanuel Goldstein

... the rest of society. You don't become a hacker by snapping your fingers. It's not about getting easy answers or making free phone calls or logging into someone else's computer. Hackers "feel" what they do, and it excites them.

I find that if the people around you think you're wasting your time but you genuinely like what you're doing, you're driven by it, and you're relentless in your pursuit, you have a good part of a hacker in you. But if you're mobbed by people who are looking for free phone calls, software or exploits, you're just an opportunist, possibly even a criminal. We already have words for these people and it adequately defines what they do. While it's certainly possible to use hacking ability to commit a crime, once you do this you cease being a hacker and commence being a criminal. It's really not a hard distinction to make.

Now, we have a small but vocal group who insist on calling anyone they deem unacceptable in the hacker world a "cracker." This is an attempt to solve the problem of the misuse of the word "hacker" by simply misusing a new word. It's a very misguided, though well-intentioned, effort. The main problem is that when you make up such a word, no further definition is required. When you label someone with a word that says they're evil, you never really find out what the evil was to begin with. Murderer, that's easy. Burglar, embezzler, rapist, kidnapper, all pretty clear. Now along comes cracker and you don't even know what the crime was. It could be crashing every computer system in Botswana. Or it could be copying a single file. We need to avoid the labeling and start looking at what we're actually talking about. But at the same time, we have to remember that you don't become a hacker simply because you say you are.

12. Do people stay in hacking a long time, or is it the kind of thing that people do for a few years and then move on to something else?

It can be either. I tend to believe that it's more of a philosophy, a way of looking at something. When you have the hacker perspective, you see potential where others don't. Also, hackers think of things like phones, computers, pagers, etc., as toys and things to be enjoyed whereas others see work and responsibility and actually come to dread these things. That's why hackers like to hold onto their world and not become part of the mainstream. But it certainly can and does happen.

13. What is the future of hacking?

As long as the human spirit is alive, there will always be hackers. We may have a hell of a fight on our hands if we continue to be imprisoned and victimized for exploring, but that will do anything but stop us.

14. Given increased attention to corporate and government security, is it getting tougher to hack or not?

Hacking isn't really about success -- it's more the process of discovery. Even if real security is implemented, there will always be new systems, new developments, new vulnerabilities. Hackers are always going to be necessary to the process and we're not easily bored.

15. Is the possibility of being identified and even prosecuted an issue for most hackers?

Hackers make very bad criminals. This is why we always wind up being prosecuted. We don't hide very well or keep our mouths sealed shut to protect corporate or government interests. But the same security holes would exist even if we weren't around, so I think the hackers should be properly seen as messengers. That doesn't mean that you should expect them to just hand over all of their knowledge -- it's important to listen and interpret on your own, as any hacker would.

16. Are there hackers who are up for hire? What are they paid? Who hires them, and for what?

Just as you can use hacker ability to attain a life of crime, you can use that ability to become a corporate success. Some are able to hold onto their hacker ideals. Others, sadly, lose them. It's especially hard when young people who haven't worked it all out yet are approached and tempted with huge amounts of money by these entities. It can be very hard to resist and the cost is often greater than anticipated.

17. Have you had any contact with people you consider cyberterrorists? Do you endorse what they do?

In all of the time I've been in the scene, which is a pretty long time, I've never come across anyone I consider to be a "cyberterrorist," whatever that is. Most people who talk of such creatures either have something to sell or some bill to pass. This is not to say that such a concept is impossible. But I believe the current discussions aren't based in reality and have very suspicious ulterior motives.

18. What about the people who hack into Pentagon sites? Do you think they should be punished?

According to the Pentagon, there is no risk of anything classified being compromised because it's not on the Internet. If they were wrong, I would like to see someone prove that. If a non-classified site is hacked, I don't see the harm unless something is damaged in some way. Remember, the security hole was already there. If a hacker finds it, it's far more likely the people running the system will learn of the hole. If a criminal or someone with an ulterior motive (espionage, etc.) finds the hole first, it's likely to remain secret for much longer and the harm will be far greater.

While you may resent the fact that some 14-year-old from Topeka proved your security sucks, think of what could have happened had you not learned of this and had someone else done it instead. I'm the first to say that people who cause damage should be punished, but I really don't think prison should be considered for something like this unless the offender is a true risk to society. The great majority of these cases do not involve damage or vandalism, a fact that largely goes unreported. What people have to remember is that most of the time, this is simply an example of kids being kids and playing games like they have always done.

Obviously, the tools have changed, but that's really not something the kids are responsible for. If some kid somewhere can access your medical records or your phone records, he or she is not the one who put them there. The true violator of your privacy is the person who made the decision to make them easily accessible.

19. Your real name is Eric Corley. Why do you use the name Emmanuel Goldstein?

I believe everyone should be given the opportunity to name themselves. That name should reflect something about who you are and what you believe in and stand for. Emmanuel Goldstein is that for me, and for those who want to learn why, get a copy of George Orwell's "1984" and see for yourself. Interestingly, our first issue of 2600 was published in January 1984. A complete coincidence.
Add comment  Email to a Friend

Discussion is closed - view comments archieve
2007-02-14 14:51:50 - rqwcbkh rvywpodxn jlgbe lbjkrdn zphw... pgznajtix rkzbf
2007-02-14 14:51:43 - owsehauf goxlkm zwfar wdbf zosry lpcuegwj... vqciohnr sbvfupd
2004-05-20 15:39:15 - Some hackers are harmless, some are... Andre J
2004-05-07 00:29:39 - To John Q. You should read the article... You dont get it, John Q.
2004-04-28 19:07:21 - No more nosey than the US Government.... EthanGilchrist
2004-04-27 20:51:47 - Hacking is necessary for people who steal,... John Q.
Total 6 comments
Copyright © 2001-2024 Computer Crime Research Center
CCRC logo