3   Founded By:    3 :  Network Information Access   : 3   Founded By:    3
 3 Guardian Of Time CD6            06JUN90            GD4   Judge Dredd    3
          3           :            File 40            :           3
          3           HMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM<           3
          @DDDDDDD: Views Of Golstein: Operation Sundevil GDDDDDDDY

These are the opinions and views of Emmanuel Golstein, which many of you
don't know the name, but have heard of his publication - 2600 Magazine.
The Moderator is refered to in here, and he is the person who moderates
[overwatches/censors] the material posted in this specific net
[comp.dcom.telecom] and is also the one who captures/archives related
posts in what many of you have seen as TELECOM Digest.  Enough of background
info, enjoy.

It's real disturbing to read the comments that have been posted
recently on TELECOM Digest concerning Operation Sun Devil and Mitch
Kapor's involvement.  While I think the moderator has been chastised
sufficiently, there are still a few remarks I want to make.

First of all, I understand the point he was trying to get across. But
I think he shot from the hip without rationalizing his point first,
thereby leaving many of us in a kind of stunned silence. If I
understand it correctly, the argument is: Kapor says he wants to help
people that the Moderator believes are thieves. Therefore, using that
logic, it's okay to steal from Kapor.

Well, I don't agree. Obviously, Kapor DOESN'T believe these people are
criminals. Even if one or two of them ARE criminals, he is concerned
with all of the innocent bystanders that are being victimized here.
And make no mistake about that - there are many innocent bystanders
here. I've spoken to quite a few of them. Steve Jackson, Craig
Neidorf, the friends and families of people who've had armed agents of
the federal government storm into their homes and offices. It's a very
frightening scenario - one that I've been through myself.  And when it
happens there are permanent scars and a fear that never quite leaves.
For drug dealers, murderers, hardened criminals, it's an acceptable
price in my view. But a 14 year old kid who doesn't know when to stop
exploring a computer system? Let's get real. Do we really want to mess
up someone's life just to send a message?

I've been a hacker for a good part of my life. Years ago, I was what
you would call an "active" hacker, that is, I wandered about on
computer systems and explored. Throughout it all, I knew it would be
wrong to mess up data or do something that would cause harm to a
system. I was taught to respect tangible objects; extending that to
encompass intangible objects was not very hard to do. And most, if not
all, of the people I explored with felt the same way. Nobody sold
their knowledge. The only profit we got was an education that far
surpassed any computer class or manual.

Eventually, though, I was caught. But fortunately for me, the
witch-hunt mentality hadn't caught on yet. I cooperated with the
authorities, explained how the systems I used were flawed, and proved
that there was no harm done. I had to pay for the computer time I used
and if I stayed out of trouble, I would have no criminal record. They
didn't crush my spirit. And the computers I used became more secure.
Except for the fear and intimidation that occurred during my series of
raids, I think I was dealt with fairly.

Now I publish a hacker magazine. And in a way, it's an extension of
that experience. The hackers are able to learn all about many
different computer and phone systems. And those running the systems,
IF THEY ARE SMART, listen to what is being said and learn valuable
lessons before it's too late.  Because sooner or later, someone will
figure out a way to get in. And you'd better hope it's a hacker who
can help you figure out ways to improve the system and not an
ex-employee with a monumental grudge.

In all fairness, I've been hacked myself. Someone figured out a way to
break the code for my answering machine once. Sure, I was angry -- at
the company.  They had no conception of what security was. I bought a
new machine from a different company, but not before letting a lot of
people know EXACTLY what happened. And I've had people figure out my
calling card numbers. This gave me firsthand knowledge of the
ineptitude of the phone companies. And I used to think they understood
their own field! My point is: you're only a victim if you refuse to
learn. If I do something stupid like empty my china cabinet on the
front lawn and leave it there for three weeks, I don't think many
people will feel sympathetic if it doesn't quite work out. And I don't
think we should be sympathetic towards companies and organizations
that obviously don't know the first thing about security and very
often are entrusted with important data.

The oldest hacker analogy is the walking-in-through-the-front-
door-and-rummaging-through-my-personal-belongings one. I believe the
Moderator recently asked a critic if he would leave his door unlocked
so he could drop in and rummage. The one fact that always seems to be
missed with this analogy is that an individual's belongings are just
not interesting to someone who simply wants to learn. But they ARE
interesting to someone who wants to steal. A big corporation's
computer system is not interesting to someone who wants to steal,
UNLESS they have very specific knowledge as to how to do this (which
eliminates the hacker aspect). But that system is a treasure trove for
those interested in LEARNING. To those that insist on using this old
analogy, I say at least be consistent. You wouldn't threaten somebody
with 30 years in jail for taking something from a house. What's
especially ironic is that your personal belongings are probably much
more secure than the data in the nation's largest computer systems!

When you refer to hacking as "burglary and theft", as the Moderator
frequently does, it becomes easy to think of these people as hardened
criminals. But it's just not the case. I don't know any burglars or
thieves, yet I hang out with an awful lot of hackers. It serves a
definite purpose to blur the distinction, just as pro-democracy
demonstrators are referred to as rioters by nervous leaders. Those who
have staked a claim in the industry fear that the hackers will reveal
vulnerabilities in their systems that they would just as soon forget
about. It would have been very easy for Mitch Kapor to join the
bandwagon on this. The fact that he didn't tells me something about
his character. And he's not the only one.

Since we published what was, to the best of my knowledge, the first
pro-hacker article on all of these raids, we've been startled by the
intensity of the feedback we've gotten. A lot of people are angry,
upset, and frightened by what the Secret Service is doing. They're
speaking out and communicating their outrage to other people who we
could never have reached. And they've apparently had these feelings
for some time. Is this the anti-government bias our Moderator accused
another writer of harboring? Hardly. This is America at its finest.

Emmanuel Goldstein
Editor, 2600 Magazine - The Hacker Quarterly