💾 Archived View for spam.works › mirrors › textfiles › bbs › hacker.txt captured on 2023-06-14 at 15:53:40.
-=-=-=-=-=-=-
NORTHERN ILLINOIS UNIVERSITY THE SOCIAL ORGANIZATION OF THE COMPUTER UNDERGROUND A THESIS SUBMITTED TO THE GRADUATE SCHOOL IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE MASTER OF ARTS DEPARTMENT OF SOCIOLOGY BY GORDON R. MEYER %CompuServe: 72307,1502% %GEnie: GRMEYER% DEKALB, ILLINOIS AUGUST 1989 ^ ABSTRACT Name: Gordon R. Meyer Department: Sociology Title: The Social Organization of the Computer Underground Major: Criminology Degree: M.A. Approved by: Date: __________________________ ________________________ Thesis Director NORTHERN ILLINOIS UNIVERSITY ^ ABSTRACT This paper examines the social organization of the "computer underground" (CU). The CU is composed of actors in three roles, "computer hackers," "phone phreaks," and "software pirates." These roles have frequently been ignored or confused in media and other accounts of CU activity. By utilizing a data set culled from CU channels of communication this paper provides an ethnographic account of computer underground organization. It is concluded that despite the widespread social network of the computer underground, it is organized primarily on the level of colleagues, with only small groups approaching peer relationships. ^ Certification: In accordance with departmental and Graduate School policies, this thesis is accepted in partial fulfillment of degree requirements. _____________________________________ Thesis Director _____________________________________ Date ^ ACKNOWLEDGMENTS FOR CRITIQUE, ADVICE, AND COMMENTS: DR. JAMES L. MASSEY DR. JIM THOMAS DR. DAVID F. LUCKENBILL FOR SUPPORT AND ENCOURAGEMENT: GALE GREINKE SPECIAL THANKS TO: D.C., T.M., T.K., K.L., D.P., M.H., AND G.Z. THIS WORK IS DEDICATED TO: GEORGE HAYDUKE AND BARRY FREED ^ TABLE OF CONTENTS Introduction . . . . . . . . . . . . . . . . . . . 1 Methodology . . . . . . . . . . . . . . . . . . . 6 What is the Computer Underground? . . . . . . . . 11 Topography of the Computer Underground . . . . . . 20 Hacking . . . . . . . . . . . . . . . . . 20 Phreaking . . . . . . . . . . . . . . . . . . 21 Pirating . . . . . . . . . . . . . . . . . 24 Social Organization and Deviant Associations . . . 28 Mutual Association . . . . . . . . . . . . . . . . 31 The Structure of the Computer Underground . . . . 33 Bulletin Board Systems . . . . . . . . . . 33 Towards a BBS Culture . . . . . . . . . 37 Bridges, Loops, and Voice Mail Boxes . . . 53 Summary . . . . . . . . . . . . . . . . . . 57 Mutual Participation . . . . . . . . . . . . . . . 59 Pirate Groups . . . . . . . . . . . . . . . 63 Phreak/hack groups . . . . . . . . . . . . 64 Summary . . . . . . . . . . . . . . . . . . 67 Conclusion . . . . . . . . . . . . . . . . . . . . 69 REFERENCES . . . . . . . . . . . . . . . . . . . . 75 APPENDIX A. COMPUTER UNDERGROUND PSEUDONYMS . . . 76 APPENDIX B. NEW USER QUESTIONNAIRE FROM A PHREAK/HACK BBS . 77 ^ Introduction The proliferation of home computers has been accompanied by a corresponding social problem involving the activities of so-called "computer hackers." "Hackers" are computer aficionados who "break in" to corporate and government computer systems using their home computer and a telephone modem. The prevalence of the problem has been dramatized by the media and enforcement agents, and evidenced by the rise of specialized private security firms to confront the "hackers." But despite this flurry of attention, little research has examined the social world of the "computer hacker." Our current knowledge in this regard derives from hackers who have been caught, from enforcement agents, and from computer security specialists. The everyday world and activities of the "computer hacker" remain largely unknown. This study examines the way actors in the "computer underground" (CU) organize to perform their acts. The computer underground, as it is called by those who participate in it, is composed of actors adhering to one of three roles: "hackers," "phreakers," or "pirates." To further understanding this growing "social problem," this project will isolate and clarify ^ 8 these roles, and examine how each contributes to the culture as a whole. By doing so the sociological question of how the "underground" is organized will be answered, rather than the technical question of how CU participants perform their acts. Best and Luckenbill (1982) describe three basic approaches to the study of "deviant" groups. The first approach is from a social psychological level, where analysis focuses on the needs, motives, and individual characteristics of the actors involved. Secondly, deviant groups can be studied at a socio-structural level. Here the emphasis is on the distribution and consequences of deviance within the society as a whole. The third approach, the one adopted by this work, forms a middle ground between the former two by addressing the social organization of deviant groups. Focusing upon neither the individual nor societal structures entirely, social organization refers to the network of social relations between individuals involved in a common activity (pp. 13-14). Assessing the degree and manner in which the underground is organized provides the opportunity to also examine the culture, roles, and channels of communication used by the computer underground. The focus here is on the day to day experience of persons whose activities have been ^ 9 criminalized over the past several years. Hackers, and the "danger" that they present in our computer dependent society, have often received attention from the legal community and the media. Since 1980, every state and the federal government has criminalized "theft by browsing" of computerized information (Hollinger and Lanza-Kaduce, 1988, pp.101- 102). In the media, hackers have been portrayed as maladjusted losers, forming "high-tech street gangs" (Chicago Tribune, 1989) that are dangerous to society. My research will show that the computer underground consists of a more sophisticated level of social organization than has been generally recognized. The very fact that CU participants are to some extent "networked" has implications for social control policies that may have been implemented based on an in- complete understanding of the activity. This project not only offers sociological insight into the organ- ization of deviant associations, but may be helpful to policy makers as well. I begin with a discussion of the definitional problems that inhibit the sociological analysis of the computer underground. The emergence of the computer underground is a recent phenomenon, and the lack of empirical research on the topic has created an area ^ 10 where few "standard" definitions and categories exist. This work will show that terms such as "hacker," "phreaker," and "pirate" have different meanings for those who have written about the computer underground and those who participate in it. This work bridges these inconsistencies by providing definitions that focus on the intentions and goals of the participants, rather than the legality or morality of their actions. Following the definition of CU activities is a discussion of the structure of the underground. Utilizing a typology for understanding the social organization of deviant associations, developed by Best and Luckenbill (1982), the organization of the computer underground is examined in depth. The analysis begins by examining the structure of mutual association. This provides insight into how CU activity is organized, the ways in which information is obtained and disseminated, and explores the subcultural facets of the computer underground. More importantly, it clearly illustrates that the computer underground is primarily a social network of individuals that perform their acts separately, yet support each other by sharing information and other resources. After describing mutual association within the underground community, evidence of mutual participation ^ 11 is presented. Although the CU is a social network, the ties developed at the social level encourage the formation of small "work groups." At this level, some members of the CU work in cooperation to perform their acts. The organization and purposes of these groups are examined, as well as their relationship to the CU as a whole. However, because only limited numbers of individuals join these short-lived associations, it is concluded that the CU is organized as colleagues. Those who do join "work groups" display the characteristics of peers, but most CU activity takes place at a fairly low level of sophistication. ^ 12 Methodology Adopting an ethnographic approach, data have been gathered by participating in, monitoring, and cata- loging channels of communication used by active members of the computer underground. These channels, which will be examined in detail later, include electronic bulletin board systems (BBS), voice mail boxes, bridges, loops, e-mail, and telephone conversations. These sources provide a window through which to observe interactions, language, and cultural meanings without intruding upon the situation or violating the privacy of the participants. Because these communication centers are the "back stage" area of the computer underground, they provided insight into organizational (and other) issues that CU participants face, and the methods they use to resolve them. As with any ethnographic research, steps have been taken to protect the identity of informants. The culture of the computer underground aids the researcher in this task since phreakers, hackers, and pirates regularly adopt pseudonyms to mask their identity. However to further ensure confidentiality, all of the pseudonyms cited in this research have been changed by the author. Additionally, any information that is ^ 13 potentially incriminating has been removed or altered. The data set used for this study consists primarily of messages, or "logs," which are the primary form of communication between users. These logs were "captured" (recorded using the computer to save the messages) from several hundred computer bulletin boards1 located across the United States. The bulk of the data were gathered over a seventeen month period (12/87 to 4/89) and will reflect the characteristics of the computer underground during that time span. However, some data, provided to the researcher by cooperative subjects, dates as far back as 1984. The logged data were supplemented by referring to several CU "publications." The members of the computer underground produce and distribute several technical and tutorial newsletters and "journals." Since these "publications" are not widely available outside of CU circles I have given a brief description of each below. Legion of Doom/Hackers Technical Journal. This ____________________ 1 Computer Bulletin Boards (BBS) are personal computers that have been equipped with a telephone modem and special software. Users can connect with a BBS by dialing, with their own computer and modem, the phone number to which the BBS is connected. After "logging in" by supplying a valid user name and pass- word, the user can leave messages to other users of the system. These messages are not private and anyone calling the BBS can freely read and respond to them. ^ 14 publication is written and distributed by a group known as "The Legion of Doom/Legion of Hackers" (LoD/H). It is available in electronic format (a computer text file) and contains highly technical information on computer operating systems. As of this writing, three issues have been published. PHRACK Inc.: Phrack Inc is a newsletter that contains various articles, written by different authors, and "published" under one banner. Phrack Inc's first issue was released in 1985, making it the oldest of the electronically distributed underground publications. CU participants are invited to submit articles to the editors, who release a new issue when a sufficient number (about nine) of acceptable pieces have been gathered. Phrack also features a lengthy "World News" with stories about hackers who have been apprehended and interviews with various members of the underground. As of this writing twenty-seven issues of Phrack, have been published. Phreakers/Hackers Underground Network (P/Hun): Like Phrack, P/Hun collects articles from various authors and releases them as one issue. Three issues have been published to date. Activist Times, Incorporated (ATI): Unlike the other electronically distributed publications, ATI does ^ 15 not limit itself to strictly computer/telephone news. Articles normally include commentary on world and government events, and other "general interest" topics. ATI issues are generally small and consist of articles written by a core group of four to seven people. Unlike the publications discussed thus far, ATI is available in printed "hard copy" form by sending postage reimbursement to the editor. ATI is currently on their 38th issue. 2600 Magazine: Published in a traditional (printed) magazine format, 2600 (named for the frequency tone used to make free long distance phone calls) is arguably an "underground" publication as it is available on some newsstands and at some libraries. Begun in 1987 as a monthly magazine, it is now published quarterly. Subscription rates are $25.00 a year with a complete back-issue selection available. The magazine specializes in publishing technical information on telephone switching systems, satellite descrambling codes, and news about the computer underground. TAP/YIPL: First established in 1972 as YIPL (Youth International Party Line), this publication soon changed its name to TAP (Technical Assistance Party). Co-founded by Abbie Hoffman, it is generally recognized ^ 16 as the grandfather of computer underground publications. Publication of the 2-4 page newsletter has been very sporadic over the years, and currently two different versions of TAP, each published in different areas of the country, are in circulation. Utilizing a data set that consists of current message logs, old messages logs, and various CU publications yields a reasonably rich collection from which to draw the analysis. Examination of the older logs and publications shows that while the actors have changed over the years, cultural norms and characteristics have remained consistent over time. ^ 17 What is the Computer Underground? Defining the "computer underground" can be difficult. The sociologist soon finds that there are several competing definitions of computer underground activity. Those who have written on the subject, the media, criminologists, computer programmers, social control agents, and CU participants themselves, have adopted definitions consistent with their own social positions and perspectives. Not surprisingly, these definitions rarely correspond. Therefore, before discussing the organization of the computer underground, it is necessary to discuss and compare the various definitions. This will illustrate the range of beliefs about CU activity, and provide a springboard for the discussion of types of roles and activities found in the underground. We begin with a discussion of the media image of computer hackers. The media's concept of "hackers" is important because the criminalization of the activity has largely occurred as the result of media drama- tization of the "problem" (Hollinger and Lanza-Kaduce, 1988). In fact, it was a collection of newspaper and film clips that was presented to the United States Congress during legislative debates as evidence of the ^ 18 computer hacking problem (Hollinger and Lanza-Kaduce, 1988, p.107). Unfortunately, the media assessment of the computer underground displays a naive understanding of CU activity. The media generally makes little distinction between different types of CU activity. Most any computer-related crime activity can be attributed to "hackers." Everything from embezzlement to computer viruses have, at one time or another, been attributed to them. Additionally, hackers are often described as being sociopathic or malicious, creating a media image of the computer underground that may exaggerate their propensity for doing damage. The labeling of hackers as being "evil" is well illustrated by two recent media examples. The first is from Eddie Schwartz, a WGN-Radio talk show host. Here Schwartz is addressing "Anna," a self-identified hacker that has phoned into the show: You know what Anna, you know what disturbs me? You don't sound like a stupid person but you represent a . . . a . . . a . . . lack of morality that disturbs me greatly. You really do. I think you represent a certain way of thinking that is morally bankrupt. And I'm not trying to offend you, but I . . . I'm offended by you! (WGN Radio, 1988) Just two months later, NBC-TV's "Hour Magazine" featured a segment on "computer crime." In this example, Jay Bloombecker, director of the National ^ 19 Center for Computer Crime Data, discusses the "hacker problem" with the host of the show, Gary Collins. Collins: . . . are they %hackers% malicious in intent, or are they simply out to prove, ah, a certain machismo amongst their peers? Bloombecker: I think so. I've talked about "modem macho" as one explanation for what's being done. And a lot of the cases seem to involve %proving% %sic% that he . . . can do something really spiffy with computers. But, some of the cases are so evil, like causing so many computers to break, they can't look at that as just trying to prove that you're better than other people. GC: So that's just some of it, some kind of "bet" against the computer industry, or against the company. JB: No, I think it's more than just rottenness. And like someone who uses graffiti doesn't care too much whose building it is, they just want to be destructive. GC: You're talking about a sociopath in control of a computer! JB: Ah, lots of computers, because there's thousands, or tens of thousands %of hackers% (NBC-TV, 1988). The media image of computer hackers, and thus all members of the computer underground, is burdened with value-laden assumptions about their psychological makeup, and focuses almost entirely upon the morality of their actions. Additionally, since media stories are taken from the accounts of police blotters, security personnel, and hackers who have been caught, each of whom have different perspectives and ^ 20 definitions of their own, the media definition, if not inherently biased, is at best inconsistent. Criminologists, by way of contrast, have done little to define the computer underground from a sociological perspective. Those criminological definitions that do exist are less judgmental than the media image, but no more precise. Labels of "electronic trespassers" (Parker, 1983), and "electronic vandals" (Bequai, 1987) have both been applied to hackers. Both terms, while acknowledging that "hacking" is deviant, shy away from labeling it as "criminal" or sociopathic behavior. Yet despite this seemingly non-judgmental approach to the computer underground, both Parker and Bequai have testified before Congress, on behalf of the computer security in- dustry, on the "danger" of computer hackers. Unfortunately, their "expert" testimony was largely based on information culled from newspaper stories, the objectiveness of which has been seriously questioned (Hollinger and Lanza-Kaduce 1988 p.105). Computer security specialists, on the other hand, are often quick to identify CU participants as part of the criminal element. Correspondingly, some reject the notion that there are different roles and motivations among computer underground participants and thereby ^ 21 refuse to define just what it is that a "hacker" or "phreaker" does. John Maxfield, a "hacker expert," suggests that differentiating between "hackers" and "phone phreaks" is a moot point, preferring instead that they all just be called "criminals" (WGN-Radio. Sept 28, 1988). The reluctance or inability to differentiate between roles and activities in the computer underground, as exhibited in the media and computer security firms, creates an ambiguous definition of "hacker" that possesses two extremes: the modern-day bank robber at one end, the trespassing teenager at the other. Thus, most any criminal or mischievous act that involves computers can be attributed to "hackers,"2 regardless of the nature of the crime. Further compounding the inconsistent use of "hacker" is the evolution of meaning that the word has undergone. "Hacker" was first applied to computer related activities when it was used by programmers in the late 1950's. At that time it referred to the pioneering researchers, such as those at M.I.T., who ____________________ 2 During the WGN-Radio show on computer crime one caller, who was experiencing a malfunctioning phone that would "chirp" occasionally while hung up, believed that "computer hackers" were responsible for the problem. The panel assured her that it was unrelated to CU activity. ^ 22 were constantly adjusting and experimenting with the new technology (Levy, 1984. p.7). A "hacker" in this context refers to an unorthodox, yet talented, professional programmer. This use of the term still exits today, though it is largely limited to professional computing circles. Another definition of "hacker" refers to one who obtains unauthorized, if not illegal, access to computer systems and networks. This definition was popularized by the movie War Games and, generally speaking, is the one used by the media.3 It is also the definition favored by the computer underground. Both the members of the computer underground and computer programmers claim ownership of "hacker," and each defend the "proper" use of term. The computer professionals maintain that using "hackers" (or "hacking") to refer to any illegal or illicit activity is a corruption of the "true" meaning of the word. Bob Bickford, a professional programmer who has organized several programmer conferences, explains: ____________________ 3 This is not always true of course. The AP Stylebook has yet to specify how "hacker" should be used. A recent Associated Press story featured a computer professional explaining that a "real hacker" would never do anything illegal. Yet just a few weeks later Associated Press distributed stories proclaiming that West German "hackers" had broken into US Defense Department computer systems. ^ 23 At the most recent conference %called "Hackers 4.0"% we had 200 of the most brilliant computer professionals in the world together for one weekend; this crowd included several PhD's, several presidents of companies (including large companies, such as Pixar), and various artists, writers, engineers, and programmers. These people all consider themselves Hackers: all derive great joy from their work, from finding ways around problems and limits, from creating rather than destroying. It would be a great disservice to these people, and the thousands of professionals like them, to let some pathetic teenaged criminals destroy the one word which captures their style of interaction with the universe: Hackers (Bickford, 1988). Participants in the computer underground also object to the "misuse" of the term. Their objection centers around the indiscriminate use of the word to refer to computer related crime in general and not, specifically, the activities of the computer underground: Whenever the slightest little thing happens involving computer security, or the breach thereof, the media goes fucking bat shit and points all their fingers at us 'nasty hackers.' They're so damned ignorant it's sick (EN, message log, 1988). . . . whenever the media happens upon anything that involves malicious computer use it's the "HACKERS." The word is a catch phrase it makes mom drop the dishes and watch the TV. They use the word because not only they don't really know the meaning but they have lack of a word to describe the perpetrator. That's why hacker has such a bad name, its always associated with evil things and such (PA, message log, 1988). I never seen a phreaker called a phreaker ^ 24 when caught and he's printed in the newspaper. You always see them "Hacker caught in telephone fraud." "Hacker defrauds old man with phone calling card." What someone should do is tell the fucken (sic) media to get it straight (TP2, message log, 1988). Obviously the CU and computer professional definitions of "hacker" refer to different social groups. As Best and Luckenbill (1982, p. 39) observe: "Every social group modifies the basic language to fit its own circumstance, creating new words or using ordinary words in special ways." Which definition, if either, will come into widespread use remains to be seen. However, since computer break-ins are likely to receive more media attention than clever feats of programming, the CU definition is likely to dominate simply by being used more often.4 But as long as the two definitions do exist there will be confusion unless writers and researchers adequately specify the group under discussion. For this reason, I suggest that sociologists, and criminologists in particular, adopt the "underground" definition for consistency and ____________________ 4 Another factor may be the adoption of a close proximity to the underground definition being included in the 1986 edition of Webster's New World dictionary: hack.er n. 1. a person who hacks 2. an unskilled golfer, tennis player, etc. 3. a talented amateur user of computers, specif. one who attempts to gain unauthorized access to files. ^ 25 accuracy when speaking of the actions of CU participants. While it is recognized that computer hacking is a relatively new phenomenon, the indiscriminant use of the term to refer to many different forms of unorthodox computer use has been counterproductive to understanding the extent of the activity. To avoid this a "computer hacker" should be defined as an individual, associated with the computer underground, who specializes in obtaining unauthorized access to computer systems. A "phone phreak" in an individual, associated with the computer underground, who specializes in obtaining unauthorized information about the phone system. A "software pirate" is an individual, associated with the computer underground, who distributes or collects copyrighted computer software. These definitions have been derived from the data, instead of relying upon those who defend the "integrity" of the original meanings, or those who are unfamiliar with the culture. ^ 26 Topography of the Computer Underground Having defined the three main roles in the computer underground, it is necessary to examine each activity separately in order to provide a general typology of the computer underground. In doing so, the ways in which each contributes to the culture as a whole will be illustrated, and the divisions between them that affect the overall organization will be developed. Analysis of these roles and divisions is crucial to understanding identity, access, and mobility within the culture. Hacking In the vernacular of the computer underground, "hacking" refers to gaining access and exploring computer systems and networks. "Hacking" encompasses both the act and the methods used to obtain valid user accounts on computer systems. "Hacking" also refers to the activity that occurs once access to another computer has been obtained. Since the system is being used without authorization, the hacker does not, generally speaking, have access to the usual operating manuals and other resources that are available to legitimate users. ^ 27 Therefore, the hacker must experiment with commands and explore various files in order to understand and effectively use the system. The goal here is to explore and experiment with the system that has been entered. By examining files and, perhaps, by a little clever programming, the hacker may be able to obtain protected information or more powerful access privileges.5 Phreaking Another role in the computer underground is that of the "phone phreak." Phone phreaking, usually called just "phreaking," was widely publicized when the exploits of John "Cap'n Crunch" Draper, the "father of phreaking," were publicized in a 1971 Esquire magazine article. The term "phreaking" encompasses several different means of circumventing the billing mechanisms of telephone companies. By using these methods, long- ____________________ 5 Contrary to the image sometimes perpetuated by computer security consultants, the data indicate that hackers refrain from deliberately destroying data or otherwise damaging the system. Doing so would conflict with their instrumental goal of blending in with the average user so as not to attract undue attention to their presence and cause the account to be deleted. After spending what may be a substantial amount of time obtaining a high access account, the hacker places a high priority on not being discovered using it. ^ 28 distance phone calls can be placed without cost. In many cases the methods also prevent, or at least inhibit, the possibility of calls being traced to their source thereby helping the phreaker to avoid being caught. Early phreaking methods involved electro- mechanical devices that generated key tones, or altered line voltages in certain ways as to trick the mechanical switches of the phone company into connecting calls without charging. However the advent of computerized telephone-switching systems largely made these devices obsolete. In order to continue their practice the phreaks have had to learn hacking skills:6 Phreaking and hacking have just recently merged, because now, the telephone companies are using computers to operate their network. So, in order to learn more about these computers in relation to the network, phreaks have learned hacking skills, and can now program, and get around inside the machines (AF, message log, 1988). For most members of the computer underground, phreaking is simply a tool that allows them to call long distance without amassing enormous phone bills. ____________________ 6 Because the two activities are so closely related, with phreakers learning hacking skills and hackers breaking into "telco" computers, reference is usually made to phreak/hacking or "p/hackers." This paper follows this convention. ^ 29 Those who have a deeper and more technically oriented interest in the "telco" (telephone company) are known as phreakers. They, like the hackers discussed earlier, desire to master and explore a system that few outsiders really understand: The phone system is the most interesting, fascinating thing that I know of. There is so much to know. Even phreaks have their own areas of knowledge. There is so much to know that one phreak could know something fairly important and the next phreak not. The next phreak might know ten things that the first phreak doesn't though. It all depends upon where and how they get their info. I myself %sic% would like to work for the telco, doing something interesting, like programming a switch. Something that isn't slave labor bullshit. Something that you enjoy, but have to take risks in order to participate unless you are lucky enough to work for the telco. To have access to telco things, manuals, etc would be great (DP, message log, 1988). Phreaking involves having the dedication to commit yourself to learning as much about the phone system/network as possible. Since most of this information is not made public, phreaks have to resort to legally questionable means to obtain the knowledge they want (TP2, message log, 1988). Most members of the underground do not approach the telephone system with such passion. Many hackers are interested in the phone system solely to the extent that they can exploit its weaknesses and pursue other goals. In this case, phreaking becomes a means and not a pursuit unto itself. Another individual, one who ^ 30 identifies himself as a hacker, explains: I know very little about phones . . . I just hack. See, I can't exactly call these numbers direct. A lot of people are in the same boat. In my case, phreaking is a tool, an often used one, but nonetheless a tool (TU, message log, 1988). In the world of the computer underground, the ability to "phreak a call" is taken for granted. The invention of the telephone credit card has opened the door to wide-scale phreaking. With these cards, no special knowledge or equipment is required to phreak a call, only valid credit card numbers, known as "codez," are needed to call any location in the world. This easy access to free long-distance service is instrumental for maintaining contact with CU participants scattered across the nation. Pirating The third major role in the computer underground is that of the software pirate. Software piracy refers to the unauthorized copying and distribution of copy- righted software. This activity centers around computer bulletin board systems that specialize in "warez."7 There pirates can contribute and share ____________________ 7 "Warez" is a common underground term that refers to pirated software. ^ 31 copies of commercial software. Having access to these systems (usually obtained by contributing a copyrighted program via a telephone modem) allows the pirate to copy, or "download," between two to six programs that others have contributed. Software piracy is a growing concern among software publishing companies. Some contend that the illegal copying of software programs costs the industry billions of dollars in lost revenues. Pirates challenge this, and claim that in many ways pirating is a hobby, much like collecting stamps or baseball cards, and their participation actually induces them to spend more on software than they would otherwise, even to the point of buying software they don't truly need: There's a certain sense of, ahh, satisfaction in having the latest program, or being the first to upload a program on the "want list." I just like to play around with them, see what they can do. If I like something, I'll buy it, or try out several programs like it, then buy one. In fact, if I wasn't pirating, I wouldn't buy any warez, because some of these I buy I do for uploading or just for the fun of it. So I figure the software companies are making money off me, and this is pretty much the same for all the really elite boards, the ones that have the best and most programs. . . . I just bought a $117. program, an accounting program, and I have absolutely no use for it. It's for small businesses. I thought maybe it would auto- write checks, but it's really a bit too high powered for me. I thought it would be fun to trade to some other boards, but I learned a lot from just looking at it (JX, field notes, 1989). ^ 32 Pirates and phreak/hackers do not necessarily support the activities of each other, and there is distrust and misunderstanding between the two groups. At least part of this distrust lies in the phreak/hacker perception that piracy is an unskilled activity.8 While p/hackers probably don't disapprove of piracy as an activity, they nevertheless tend to avoid pirate bulletin board systems --partly because there is little pertinent phreak/hack information contained on them, and partly because of the belief that pirates indiscriminately abuse the telephone network in pursuit of the latest computer game. One hacker illustrates this belief by theorizing that pirates are responsible for a large part of telephone credit card fraud. The media claims that it is solely hackers who are responsible for losses pertaining to large telecommunication companies and long distance services. This is not the case. We are %hackers% but a small portion of these losses. The rest are caused by pirates and thieves who sell these codes to people on the street (AF, message log, 1988). Other hackers complained that uploading large ____________________ 8 A possible exception to this are those pirates that have the programming skills needed to remove copy protection from software. By removing the program code that inhibits duplicate copies from being made these individuals, known as "crackers," contribute greatly to the easy distribution of "warez." ^ 33 programs frequently takes several hours to complete, and it is pirate calls, not the ones placed by "tele- communications enthusiasts" (a popular euphemism for phreakers and hackers) that cost the telephone industry large sums of money. However, the data do not support the assertation that all pirates phreak their calls. Phreaking is considered "very tacky" among elite pirates, and system operators (Sysops) of pirate bulletin boards discourage phreaked calls because it draws attention to the system when the call is discovered by the telephone company. Regardless of whether it is the lack of phreak/ hack skills, the reputation for abusing the network, or some other reason, there is indeed a certain amount of division between the world of phreakers and hackers and that of pirates. The two communities co-exist and share resources and methods, but function separately. ^ 34 Social Organization and Deviant Associations Having outlined and defined the activities of the computer underground, the question of social organization can be addressed. Joel Best and David Luckenbill (1982) have developed a typology for identifying the social organization of deviant associations. Essentially they state that deviant organizations, regardless of their actual type of deviance, will vary in the complexity of their division of labor, coordination among organization roles, and the purposiveness with which they attempt to achieve their goals. Those organizations which display high levels in each of these categories are more sophisticated than those with lower levels. Deviants relations with one another can be arrayed along the dimension of organizational sophistication. Beginning with the least sophisticated form, %we% discuss five forms of the social organization of deviants: loners, colleagues, peers, mobs, and formal organizations. These organization forms are defined in terms of four variables: whether the deviants associate with one another; whether they participate in deviance together; whether their deviance requires an elaborate division of labor; and whether their organization's activities extend over time and space (Best and Luckenbill, 1982, p.24). These four variables, also known as mutual association, mutual participation, elaborate division of labor, and ^ 35 extended organization, are indicators of the social organization of deviant groups. The following, taken from Best and Luckenbill, illustrates: FORM OF MUTUAL MUTUAL DIVISION EXTENDED ORGAN- ASSOCIA- PARTICIPA- OF ORGAN- IZATION TION TION LABOR IZATION ----------------------------------------------------- Loners no no no no Colleagues yes no no no Peers yes yes no no Mobs yes yes yes no Formal Organizations yes yes yes yes _____________________________________________________ (1982, p.25) Loners do not associate with other deviants, participate in shared deviance, have a division of labor, or maintain their deviance over extended time and space. Colleagues differ from loners because they associate with fellow deviants. Peers not only associate with one another, but also participate in deviance together. In mobs, this shared participation requires an elaborate division of labor. Finally, formal organizations involve mutual association, mutual participation, an elaborate division of labor, and deviant activities extended over time and space (Best and Luckenbill, 1982, pp.24-25). The five forms of organizations are presented as ideal types, and "organizational sophistication" should be regarded as forming a continuum with groups located at various points along the range (Best and Luckenbill, 1982, p.25). With these two caveats in mind, we begin to examine the computer underground in terms of each of ^ 36 the four organizational variables. The first level, mutual association, is addressed in the following section. ^ 37 Mutual Association Mutual association is an indicator of organizational sophistication in deviant associations. Its presence in the computer underground indicates that on a social organization level phreak/hackers act as "colleagues." Best and Luckenbill discuss the advantages of mutual association for unconventional groups: The more sophisticated the form of organization, the more likely the deviants can help one another with their problems. Deviants help one another in many ways: by teaching each other deviant skills and a deviant ideology; by working together to carry out complicated tasks; by giving each other sociable contacts and moral support; by supplying one another with deviant equipment; by protecting each other from the authorities; and so forth. Just as %others% rely on one another in the course of everyday life, deviants find it easier to cope with practical problems when they have the help of deviant associates (1982,pp.27-28). Hackers, phreakers, and pirates face practical problems. For example, in order to pursue their activities they require equipment9 and knowledge. The ____________________ 9 The basic equipment consists of a modem, phone line, and a computer -- all items that are available through legitimate channels. It is the way the equipment is used, and the associated knowledge that is required, that distinguishes hackers from other computer users. ^ 38 problem of acquiring the latter must be solved and, additionally, they must devise ways to prevent discovery , apprehension and sanctioning by social control agents.10 One method of solving these problems is to turn to other CU members for help and support. Various means of communication have been established that allow individuals to interact regardless of their location. As might be expected, the communication channels used by the CU reflect their interest and ability in high- technology, but the technical aspects of these methods should not overshadow the mutual association that they support. This section examines the structure of mutual association within the computer underground. ____________________ 10 Telephone company security personnel, local law enforcement, FBI, and Secret Service agents have all been involved in apprehending hackers. ^ 39 The Structure of the Computer Underground Both computer underground communities, the p/hackers and the pirates, depend on communications technology to provide meeting places for social and "occupational" exchanges. However, phreakers, hackers, and pirates are widely dispersed across the country and, in many cases, the globe. In order for the communication to be organized and available to participants in many time zones and "working" under different schedules, centralized points of information distribution are required. Several existing technologies --computer bulletin boards, voice mail boxes, "chat" lines, and telephone bridges/loops -- have been adopted by the CU for use as communication points. Each of these technologies will be addressed in turn, giving cultural insight into CU activities, and illustrating mutual association among CU participants. Bulletin Board Systems Communication in the computer underground takes place largely at night, and primarily through Bulletin Board Systems (BBS). By calling these systems and "logging on" with an account and password individuals can leave messages to each other, download files and ^ 40 programs, and, depending on the number of phone lines into the system, type messages to other users that may be logged on at the same time. Computer Bulletin Board Systems, or "boards," are quite common in this computerized age. Nearly every medium-sized city or town has at least one. But not all BBS are part of the computer underground culture. In fact, many systems prohibit users from discussing CU related activity. However, since all bulletin boards systems essentially function alike it is only the content, users, and CU culture that distinguish an "underground" from a "legitimate" bulletin board. Computer Underground BBS are generally owned and operated by a single person (known as the "system operator" or "sysop"). Typically setup in a spare bedroom, the costs of running the system are paid by the sysop, though some boards solicit donations from users. The sysop maintains the board and allocates accounts to people who call the system. It is difficult to assess the number of underground bulletin boards in operation at any one time. BBS in general are transitory in nature, and CU boards are no exception to this. Since they are operated by private individuals, they are often set up and closed down at the whim of the operator. A week ^ 41 that sees two new boards come online may also see another close down. A "lifetime" of anywhere from 1 month to 1-1/2 years is common for pirate and phreak/hack boards.11 One BBS, claimed to be the "busiest phreak/hack board in the country" at the time,12 operated for less than one year and was suddenly closed when the operator was laid off work. Further compounding the difficulty of estimating the number of CU boards is their "underground" status. CU systems do not typically publicize their existence. However, once access to one has been achieved, it is easy to learn of other systems by asking users for the phone numbers. Additionally, most BBS maintain lists of other boards that users can download or read. So it is possible, despite the difficulties, to get a feel for the number of CU boards in operation. Pirate boards are the most common of "underground" BBS. While there is no national "directory" of pirate boards, there are several listings of numbers for specific ____________________ 11 While some non-CU BBS' have been operating since 1981, the longest operating phreak/hack board has only been in operation since 1984. 12 At it's peak this p/h board was receiving 1000 calls a month and supported a community of 167 users (TP BBS, message log, 1989). ^ 42 computer brands.13 One list of Apple pirate boards has 700 entries. Another, for IBM boards, lists just over 500. While there is no way of determining if these lists are comprehensive, they provide a minimum estimate. Pirate boards for systems other than IBM or Apple seem to exhibit similar numbers. David Small, a software developer that has taken an aggressive stance in closing down pirate boards, estimates that there are two thousand in existence at any one time (1988). Based on the boards discovered in the course of this research, and working from an assumption that each of the four major brands of microcomputers have equal numbers of pirate boards, two thousand is a reasonable estimate. The phreak/hack BBS community is not divided by differing brands of micro-computers. The applicability of phreak/hack information to a wide range of systems does not require the specialization that pirate boards exhibit. This makes it easier to estimate the number of systems in this category. John Maxfield, a computer security consultant, has asserted that there are "thousands" of phreak/hack ____________________ 13 Pirate boards are normally "system specific" in that they only support one brand or model of microcomputer. ^ 43 boards in existence (WGN-Radio, November 1988). The data, however, do not confirm this. A list of phreak/hack boards compiled by asking active p/hackers and downloading BBS lists from known phreak/hack boards, indicates that there are probably no more than one hundred. Experienced phreak/hackers say that the quality of these boards varies greatly, and of those that are in operation today only a few (less than ten) attract the active and knowledgeable user. Right after "War Games" came out there must have been hundreds of hacker bulletin boards spring up. But 99% of those were lame. Just a bunch of dumb kids that saw the movie and spent all there %sic% time asking "anyone got any k00l numberz?" instead of actually hacking on anything. But for a while there was %sic% maybe ten systems worth calling . . . where you could actually learn something and talk to people who knew what was going Nowadays %sic% there are maybe three that I consider good . . . and about four or five others that are okay. The problem is that anybody can set up a board with a k-rad name and call it a hacker board and the media/feds will consider it one if it gets busted. But it never really was worth a shit from the beginning.(TP2, field notes, 1989) Towards a BBS Culture. Defining and identifying CU boards can be problematic. The lack of an ideal type undoubtedly contributes to the varying estimates of the number of CU bulletin board systems. While developing such a typology is not the intent of this work, it is appropriate to examine the activities and ^ 44 characteristics exhibited by BBS supporting the pirate and phreak/hack communities. While much of the culture of pirate and phreak/hack worlds overlap, there are some differences in terms of how the BBS medium is used to serve their interests. We begin with a short discussion of the differences between the two communities, then discuss cultural characteristics common to all CU BBS systems. All BBS feature a "files area" where programs and text files are available for downloading by users. Initially these programs/files are supplied by the system operator, but as the board grows they are contributed (called "uploading") by callers. The content and size of the files area differs according to whether the board supports the pirate or phreak/hack community. The files area on a pirate board consists primarily of programs and program documentation. Normally these programs are for only one brand of micro-computer (usually the same as the system is being run on). Text files on general or non-computer topics are uncommon. A "files area" menu from a pirate BBS illustrates the emphasis on software: %1% Documentation %2% Telecommunications %3% Misc Applications %4% Word Processing %5% Graphics %6% Utilities %7% Games 1 %8% Games 2 ^ 45 %9% XXX Rated %10% Elite_1 %11% Elite_2 %12% Super_Elite (IN BBS, message log, 1988) The "files area" on a phreak/hack BBS is noticeably smaller than it is on pirate systems. It consists primarily of instructional files (known as "g- files" for "general files") and copies of phreak/hack newsletters and journals. Pirated commercial software is very rare; any programs that are available are usually non-copyrighted specialized programs used to automate the more mundane aspects of phreaking or hacking. It is not uncommon to find them in forms usable by different brands of computers. A "files area" list from a phreak/hack BBS is listed here (edited for size): Misc Stuff ------------- BRR2 .TXT: Bell Research Report Volume II BRR1 .TXT: Bell Research Report Volume I CONFIDE .ARC: Confide v1.0 DES EnCryption/DeCryption CNA .TXT: A bunch of CNA numbers CLIPS .ARC: newsclippings/articles on hackers and busts ESS1 .TXT: FILE DESCRIBING THE ESS1 CHIP TELEPHON.TXT: NY Times Article on hackers/phreaks HP-3000 .TXT: This tells a little info about hp VIRUS .TXT: Digest of PC anti-viral programs. Hack/Phreak Programs ----------------------- THIEF .ARC: Code Thief for IBM! PC-LOK11.ARC: IBM Hard Disk Lock Utility- fairly good. PHONELIS.COM: Do a PHONE DIR command on VAX from DCL. XMO .FOR: VAX Xmodem Package in FORTRAN ^ 46 PASSWORD.ARC: IBM Password on bootup. Not too bad. Archived Gfiles ---------------------- PHRACK15.ARC: Phrack #15 PHRACK10.ARC: Phrack #10 PHRACK20.ARC: Phrack #20 ATI1_6.ARC : ATI issues one thru six PHRACK5.ARC : Phrack #5 PHRACK25.ARC: Phrack #25 PHUN1.ARC : P/Hun first issue TCSJ.ARC : Telecom Security Journal ATI31.ARC : Activist Times Inc number 31 LODTECH3.ARC: LoD Tech Journal three (TPP BBS, message log, 1988) The difference in files area size is consistent with the activities of pirates and phreak/hackers. The main commodity of exchange between pirates is, as discussed earlier, copyrighted software thus accounting for the heavy use of that area of the board that permits exchange of programs. The phreak/hackers, on the other hand, primarily exchange information about outside systems and techniques. Their interests are better served by the "message bases" of BBS. The "message bases" (areas where callers leave messages to other users) are heavily used on phreak/hack systems. The messages are not specific to one brand of micro-computer due to the fact that not all users own the same equipment. Rather than focus on the equipment owned by the phreak/hacker, the messages deal with their "targets." Everything from phreak/hacking techniques to CU gossip is discussed. On ^ 47 some boards all the messages, regardless of topic, are strung together in one area. But on others there are separate areas dealing with specific networks and mainframe computers: Message Boards available: 1 : General 2 : Telecommunications 3 : Electronics 4 : Packet Switched Nets 5 : VAX/DEC 6 : Unix 7 : Primos 8 : HP-x000 9 : Engineering 10 : Programming & Theory 11 : Phrack Inc. 12 : Sociological Inquiries 13 : Security Personnel & Discussion 14 : Upper Deck 15 : Instructors (TPP BBS, message log, 1988) The pirate community, on the other hand, makes little use of the "message bases." Most users prefer to spend their time (which may be limited by the system operator on a per day or per call basis) uploading and/or downloading files rather than leaving messages for others. Those messages that do exist are usually specific to the pirating enterprise such as help with programs on the board, requests for specific programs ("want lists"), and notices about other pirate bulletin boards that users may want to call. Occasional discussion of phreaking may occur, but the emphasis is ^ 48 on techniques used to make free calls, not technical network discussions as often occurs on phreak/hack systems. A list of message areas from a large pirate BBS illustrates the emphasis on the pirating enterprise. A message area for general discussions has been created, but those areas devoted to pirating display more use: Area %1% General Discussion 15 messages Area %2% Pirating Only!! 75 messages Area %3% Warez Wants 31 messages Area %4% **private messages** 10 messages (TL BBS, message log, 1988) In addition to the differences between files and message use on pirate and phreak/hack boards, they differ in degree of community cohesiveness. Every BBS has a group of "users" --the people who have accounts on the system. The group of users that call a specific BBS can be considered to be a "community" of loosely associated individuals by virtue of their "membership" in the BBS. Additionally, the system itself, serving either pirates or phreak/hackers, exists within a loose network of other bulletin boards that serve these same interests. It is within this larger community where pirate and phreak/hack boards seem to differ. Due to the brand-specific nature of pirate boards, there is not a strong network between pirate BBS that ^ 49 operate on other systems. This is understandable as a pirate that owned an Apple computer would have little use for the programs found on an IBM board. However, this creates separate communities of active pirates, each loosely associated with other users of their computer type, but with little or no contact with pirate communities on other systems. There is, however, a degree of cohesiveness among pirate boards that support the same micro-computers. While the users may be different on systems, the data shows that some pirate boards are "networked" with each other via special software that allows messages and files to be automatically shared between different boards. Thus a message posted on a west coast pirate board will be automatically copied on an east coast BBS later that night. In a like manner, software programs can be sent between "networked" boards. The extent of this network is unknown. The pirate BBS community also exhibits cohesiveness in the form of "co-sysops." As discussed earlier, sysops are the system operators and usually owners of BBS. On some pirate boards, "co-sysop" distinction is given to an operator of another board, often located in another state. This forms a loose network of "sister boards" where the sysop of one has ^ 50 co-sysop privileges on the other. However, this cooperative effort appears to be limited mainly to the system operators as comparing user lists from sister boards shows little overlap between the regular callers. How co-sysop positions are utilized is unknown, and it is suspected that they are largely honorary. But nonetheless it is indicative of mutual association between a small number of boards. The phreak/hack board community does not exhibit the same brand-specific division as the pirate community. Unlike the divided community of pirates, phreak/hackers appear to maintain contacts throughout the country. Obtaining and comparing user lists from several phreak/hack BBS reveals largely the same group of people using several different boards across the country.14 While phreak/hack boards have yet to adopt the "networking" software used by pirate boards, an active group of phreak/hackers is known to use the sophisticated university mainframe computer network, called Bitnet, to exchange phreak/hack newsletters and gossip. Despite the operational differences between pirate ____________________ 14 In fact, users lists from phreak/hack BBSs located in Europe and Australia show that many U.S. p/hackers utilize these systems as well. ^ 51 and phreak/hack boards, their cultures are remarkably similar. Any discussion of the computer underground must include both communities. Additionally, a formulation of the culture of CU BBS must address the means in which access to the board, and thus deviant associates, is obtained. For a caller to successfully enter the CU BBS community, he must display an awareness of CU culture and technical skill in the CU enterprise. If the caller fails to exhibit cultural knowledge, then access to the board is unlikely to be granted. The ways in which this cultural knowledge is obtained and displayed illustrates the social nature of the CU and further displays some of the subcultural norms of behavior. On most "licit" (non-underground) boards, obtaining permission to use the system is accomplished by logging on and providing a name and home phone number to the system operator (sysop). Sysop's normally do not check the validity of the information, and once a caller has provided it he or she is granted full access to the system. There is normally one level of access for all users, with only the sysop having more "powerful" access. Obtaining access to underground bulletin boards is more complicated and requires more steps to complete. ^ 52 In an attempt to prevent law enforcement agents ("feds") from obtaining accounts on systems where pirates or p/hackers are vulnerable, if not to actual arrest, then at least to exposing their latest act- ivities and methods, sysop's of illicit boards attempt to limit access to the system. One method of doing this is to restrict publicizing the existence of the board. Computer underground BBS are not normally included in BBS listings found in computer books and magazines, and there is a norm, particularly strong on p/hack systems, that the boards are not to be mentioned on non-CU systems. There are, however, some "entry-level" CU BBS that are fairly well known. These systems are known as "anarchist" boards. "Anarchist" boards, while exhibiting many of the same characteristics as pirate and phreak/hack boards, are really a cross between the two and serve primarily as social outlets for both pirates and phreak/hackers. The message areas on "anarchist" boards are quite active, "chatty" messages are not discouraged. Indeed there are normally several different message areas devoted to a wide range of topics including everything from "skipping school" to "punk rock." The files area contains both warez (but normally only the newest ^ 53 games, and specific to the computer system that the board runs on) and phreak/hack text files. Neither collection is as extensive as it would be on pirate- only or p/hack-only systems. The data suggest that one function of "anarchist" boards is to introduce newcomers to the culture of the computer underground. By acting as "feeder boards," they can provide preliminary socialization and instruction for CU behavior and techniques. Additionally, "anarchist" boards frequently provide areas where phone numbers to pirate and p/hack systems can be traded, thus providing systems where more in- depth information, and other contacts, can be found. A phreak/hacker describes how an "anarchist" board was instrumental in introducing him to the computer underground: I've been phreaking and hacking for about four years now. I discovered phreaking on my own at this place I used to work. We had this small LD %long distance% provider that used codez so I started hacking them out and calling places myself . . . but I didn't know no other phreaks at that time. Then I started using the codez to call boards from home on my computer. Somebody gave me the number to Jack Black's Whore House %an "anarchy board"% and I started learning about hacking and shit from the people and philes they had there. Then one day this guy, King Hammer, sent me some e-mail %a private message% and told me to call his system. That's where I really learned my way around the nets and shit. You could ask questions and people would help you out and stuff. If I ^ 54 hadn't found out some of the tricks that I did I probably would have got busted by now. (TP2, field notes, 1989) Once an individual has obtained the telephone number to a CU BBS, through whatever channels, callers follow essentially the same procedure as they do on licit systems . . . that of calling and logging on. However, since "underground" boards are not truly underground (that is, totally secret) first-time callers are not given access to the board itself. When a user is unable to provide an already valid username/password, the system will automatically begin its registration procedure. First, the caller is asked to enter a "username" (the name used by the system to distinguish between callers) and "phone number." These first system requests, normally seen only as "Enter Your Name and Phone Number," serve as partial screens to keep out non-underground callers that may have happened across the board. The way that a user responds to these questions indicates if they have cultural knowledge of the CU. The norm is to enter a pseudonym and a fake phone number.15 If a ____________________ 15 A functional reason for this norm is that usernames and telephone numbers are stored on the computer as part of the BBS system files. Should the BBS ever be seized in legal proceedings, this list of names and numbers (and on some systems addresses . . . which are also normally false) could be used to identify the users of the system. ^ 55 caller enters his or her real name (or at least a name that does not appear to be a pseudonym) the system operator will be put on guard that the caller may not be aware of the type of board that he has called, for the pseudonym is the most visible of CU cultural traits. All members of the underground adopt "handles" to protect their identity. The pseudonyms become second identities and are used to log onto bulletin boards, and as "signatures" on messages and instructional text files.16 They are not unlike those adopted by citizens-band radio users, and reflect both the humor and technical orientation of computer underground participants. A review of handles used by phreakers, hackers, and pirates finds that they fall into three broad categories: figures from literature, films, and entertainment (often science fiction); names that play upon computers and related technologies; and nouns/descriptive names. (See Appendix A for fictional examples of each.) After providing a user name and entering a ____________________ 16 The data suggest that, on the whole, individuals retain their handles over time. ^ 56 password to be used for future calls, the caller is asked several more questions designed to screen users and determine initial access privileges. Unlike licit boards, underground BBS may have several different levels of access with only the most trusted users being able to read messages and get files in "elite" or "high access" areas that are unknown and unavailable to other callers. In many cases, pirate boards are able to operate "above ground" and appear to be open-public access systems unless callers have the proper privileges to access the areas where the "good stuff" is located. The answers given to access questionnaires determine whether a caller will receive access to some, all, or none of the higher levels. These questionnaires frequently ask for "personal references" and a list of other boards the caller has "high access" on. The question is vague, and random callers are unlikely to answer it correctly. However, if the caller lists pseudonyms of other CU members that are known and trustworthy to the sysop, as well as some other boards that are known to have "good users" and "good security" access will usually be granted.17 If all the answers are relevant and indicative of CU ____________________ 17 The data suggest that personal references are only checked if something seems unusual or suspicious. ^ 57 knowledge, then initial access is normally granted. Other methods of controlling access include presenting a "quiz" to determine if the technical knowledge of the user is up to par with the expertise expected on the boards.18 Some systems, instead of a quiz, ask the user to write a short statement (100 words or less) about why they want access, where they got the phone number to the system, and what they can provide to other users. Some pirate boards come right out and ask the user to supply a list of the good "warez" that they can upload and what they are looking to download. If the caller fails to list recent copyrighted programs then it is evident that they are unaware of the nature of the BBS: I had this one dude call up and he told me in his message that he was looking for some "good games." So instead of giving him access I just left him some e-mail %a private message%. I asked what kind of games he was looking for. Next time he called he wrote back and said "a public domain Asteroids game." I couldn't believe it. Not only is Asteroids so damn old it's lame, but this guy is looking for pd %public domain% shit. No way was he going to get access. He didn't even know what this board is. I left him a message telling him that I didn't have one. He never called back after that (CH, sysop of a pirate BBS, field notes, 1988). ____________________ 18 One such quiz, from a p/h board, can be found in Appendix B. ^ 58 Ironically, the pseudo-elaborate security methods of underground boards, while they may be effective in keeping off random non-CU callers, are not effective in screening out "feds." Data and media accounts show that boards are regularly infiltrated by telephone security personnel and software companies. Also, the adoption of handles to protect identities is defeated by the consistent use of the same handle over time. But in order to obtain and maintain status and prestige in the CU one must keep the same pseudonym in order to (literally) "make a name for oneself." The fact that CU communication is not face-to-face requires a consistent means of identifying oneself to others. The handle fulfills this purpose but at the same time becomes as attached to a single individual as a real name would. The access rituals of the computer underground, which are contingent on being a "known" pirate or phreak/hacker, make changing handles unproductive. The life blood and center of the computer under- ground is the bulletin board network. Acting as both the main trade center of performance related tools and innovations and as a means of socialization, the underground could not exist without the BBS network. They serve to "recruit" and educate newcomers and provide a way to traffic in information and software. ^ 59 The pirating enterprise in particular is very dependent upon the BBS as they are the very means by which "warez" are traded. For the phreak/hacker community, BBS provide a means of trading the resources of system numbers and passwords, as well as instructional texts on techniques. The access process serves as evidence of mutual association amongst phreakers, hackers, and pirates as cultural knowledge is needed as well as personal references (evidence of acceptance and access to others). The CU bulletin board systems are unique in that they provide a way to exchange information with a large number of others. The other methods of CU commun- ication are based on conversations rather than written texts and thus are much less permanent. These methods, discussed next, are telephone bridges/loops, voice mail boxes, and computer "chat" systems. Bridges, Loops, and Voice Mail Boxes Of the additional means of communication used by the CU, telephone "bridges" and "loops" are most common. Unlike BBS, which require data links provided by a computer and modem, bridges and loops are "old fashioned" voice connections. Since they can not accommodate the transfer of programs or files they are used primarily by phreakers and hackers, and most often ^ 60 as a social/recreational outlet. A "bridge" is a technical name for what is commonly known as a "chat line" or "conference system." They are familiar to the public as the pay- per-minute group conversation systems advertised on late night television. Many bridge systems are owned by large corporations who maintain them for business use during the day. While the numbers to these systems is not public knowledge, many of them have been discovered by phreaks who then utilize the systems during the night. In addition to these pre-existing conference systems, phreakers have become skilled at arranging for a temporary, private bridge to be created via AT&T's conference calling facilities. This allows for conversations to be held among a self-selected group of phreak/hackers:19 Bridges can be %sic% extremely useful means of distributing information as long as the %phone% number is not known, and you don't have a bunch of children online testing out ____________________ 19 The data indicates that these private conference calls aren't "scheduled" in any real sense. One p/hacker will initiate the conference and call others at home to add them to the conference. As more people join they suggest others to add. The initiator can temporarily jump out of the conference, call the new person and solicit their attendance. If they don't want to join or aren't home, the initiator simply returns to the conference without adding them in. ^ 61 their DTMF.20 The last great discussion I participated with over a bridge occurred about 2 months ago on an AT&T Quorum where all we did was engineer 3/way %calls% and restrict ourselves to purely technical infor- mation. We could have convinced the Quorum operators that we were AT&T technicians had the need occurred. Don't let the kids ruin all the fun and convenience of bridges. Lameness is one thing, practicality is another (DC, message log, 1988). In addition to setting up "private" bridges, p/hackers can utilize "loop lines" in a further attempt to limit the number of eavesdroppers on their conversations. Unlike bridges, which connect a virtually unlimited number of callers at once, "loops" are limited to just two people at a time. "Loop lines" are actually telephone company test lines installed for internal use.21 A loop consists of two separate telephone numbers that connect only to each other. Each end has a separate phone number, and when each person calls one end, they are connected to each other automatically. This allows for individuals ____________________ 20 "Dual Tone Multi Frequency" or in laymen terms, the touch tone sounds used to dial phone numbers. 21 These test lines are discovered by phreaks and hackers by programming their home computer to dial numbers at random and "listen" for the distinctive tone that an answering loop makes, by asking sympathetic telephone company employees, or through information contained on internal company computers. ^ 62 to hold private conversations without divulging their location or identity by exchanging telephone numbers. Finally, voice mail boxes ("VMB") are another means of communicating with individual actors. There are several commercial voice mail box systems located throughout the country. They function similar to a telephone answering machine in that callers can call in, listen to a recorded message, and then leave a message for the box owner. Many of these systems are accessible via toll-free telephone numbers. The security of some VMB systems is notoriously poor. Many phreaks have expertise in "creating" boxes for themselves that are unknown (until discovered) by the owner of the system. However, these boxes are usually short lived since discovery by the system operator, and closure of the box, is only a matter of time. But as long as the box is functioning, it can serve as a means of communicating with others. VMB numbers are frequently posted on bulletin boards with invitations to "call if you have any good stuff." They are often used by pirates to exchange messages about new releases of software, and by phreak/hackers to trade account and access numbers. Additionally, some of the underground newsletters and journals obtain boxes so users can call in news of arrests and other gossip. ^ 63 Like bulletin boards, VMBs are systems that allow information to be disseminated to a large number of associates, and unlike the live telephone conversations of bridges and loops, they are available at any time of the day. Additionally, VMB's don't require use of a computer and modem, only a touch tone phone is needed to call the box. Their usefulness is limited somewhat because they play only one "outgoing" message at a time, and their transitory nature limits their reliability. Summary Phreakers, hackers and pirates do not act as loners. They have adopted existing methods of communication, consistent with their skills in high technology, to form a social network that allows for the exchange of information, the socialization of new members, socializing with others, and in the case of pirates, performing the "deviant" act itself via these means. These communication points create and foster groups of loosely associated individuals, with specific interests, coming together to exchange information and/or software. It is impossible to be a part of the social network of the computer underground and be a loner. Based upon the Best and Luckenbill measure, ^ 64 actors in the computer underground, by displaying mutual association, organize as colleagues. The social network of the computer underground provides the opportunity for colleagues to form cooperative working relationships with others, thus moving the CU towards a more sophisticated form of social organization. These "hacker groups" are addressed in the next section. ^ 65 Mutual Participation In the previous chapter the ways in which the structure of the computer underground fosters mutual association were discussed. Their social outlets and means for informational exchange bring the CU community together as deviant colleagues. Their relationships fit quite well into the Best and Luckenbill (1982) typology of collegial associations: The relationship between deviant colleagues involves limited contact. Like loners, colleagues perform their deviant acts alone. But unlike loners colleagues associate with one another when they are not engaged in deviance . . . In effect, there is a division between two settings; onstage where individual performs alone; and backstage, where colleagues meet (cf Goffman). In their backstage meetings, colleagues discuss matters of common interest, including techniques for performing effectively, common problems and how to deal with them, and ways of coping with the outside world (1982 p.37). However, despite the advantages of collegial association, ties between CU participants are weak. Loyalty between individuals seems rare, as the CU is replete with tales of phreak/hackers who, when apprehended, expose identities or "trade secrets" in order to avoid prosecution. These weak collegial ties may be fostered by the anonymity of CU communication methods, and the fact that all CU actors are, to some ^ 66 extent, in competition with each other. There are only so many systems with weak security and once such a system is found, sharing it with others will virtually ensure that the hole will be sealed when the increased activity is noticed. Thus while p/hackers will share general knowledge with each other, specific information is not disseminated publicly. As Best and Luckenbill have observed, in order to remain in a collegial relationship individuals must be able to successfully carry out operations alone (1982 p.45). In order to sustain a career in p/hacking one must pursue and collect information independent of what is shared on the communication channels. Despite the association with other phreakers and hackers, the actual performance of the phreak/hacking act is a solitary activity.22 That is not to say, however, that p/hackers never share specific information with others. As discussed earlier, p/hack bulletin board systems frequently have differentiated levels of access where only highly regarded individuals are able to leave and read messages. These areas are frequently used to keep ____________________ 22 This does not hold true for pirates. By definition they must trade programs with other individuals. ^ 67 information from "unskilled" users at the lower levels. There are strong social norms that some information should not be shared too widely, as it may be either "abused" or fall into the hands of enforcement agents. For example, when one p/hacker announced that he was going to release a tutorial on how to infiltrate a new telephone company computer, he received the following messages in reply: Not smart, DT. %That computer% is a system which can be quite powerful if used to its potential. I don't think that information on programming the switches should be released to anyone. Do you realize how destructive %that computer% could really be if used by someone who is irresponsible and intends on destroying things? Don't even think about releasing that file. If you do release that file, it will disappear and will no longer remain in circulation. Believe me. Not many have the right to know about %that computer%, or any other delicate telco computers for that matter. Why do you think the fucking New York Times published that big article on hackers screwing around with telco machines? Not only will you get into a lot of trouble by releasing that file on %computer%, you will be making telcos more aware of what is actually happening, and soon no one will be able to learn about their systems. Just think twice (EP, message log, 1988). Why would you want normal people to have such knowledge? Any why would you post about it? If you have knowledge that's fine but DON'T spread that knowledge among others that may abuse it. It's not impressive! I don't know why anyone would want to disperse that knowledge. Please don't release any "in depth" files on such systems of great power. Keep that to yourself it will just mess it up for others (UU, message log, 1988). ^ 68 The desire to share information with selected colleagues often leads to the formation of cooperative "working groups." These partnerships are easily formed, as the structure of mutual association in the CU creates a means where "talent" can be judged on the basis of past interactions, longevity in the field, and mutual interests. When allegiances are formed, the CU actors begin "mutual participating" in their acts, thus becoming "peers" in terms of social organization. Mutual participation, as defined in the Best and Luckenbill typology, is exhibited by actors sharing in the same deviant act, in the physical presence of one another (1982 p.45). However, the measurement was "grounded" in studies of traditional deviant associations (eg: street gangs, prostitutes, etc.) where "real-time" interaction is common. The technology used by the CU negates this requirement as actors can be located in different parts of the country. Additionally, "hacking" on a system, by a group of peers, does not require simultaneous participation by all members. However Best and Luckenbill's typology is an ideal type, and the activities of peers in the computer underground do not fall outside of the spirit or intention of their concept of mutual participation. Their description of deviant peer associations is ^ 69 presented here: Deviant peers are distinguished from colleagues by their shared participation in deviance. While colleagues carry out their deviant operations alone, peers commit deviant acts in one another's presence. Peers cooperate in carrying out deviant operations, but they have a minimal division of labor, with each individual making roughly comparable contribution. Peer relationships also tend to be egalitarian and informal; some peers may be acknowledged leaders or admired for their skill, but there is no set division of authority. Like colleagues, peers share subcultural knowledge, but peer groups typically provide their members with more support. In addition to cooperating in deviant operations, peers may recruit and socialize newcomers and supply one another with deviant equipment and social support. Thus, the bonds between peers are stronger than those linking colleagues (1982, p.45). Peer associations in the CU are largely limited to small groups23 working on a specified goal. Both pirates and p/hackers organize themselves in this regard, though their characteristics differ. We begin with a discussion of mutual participation among pirates. Pirate Groups Pirate groups are composed of less than ten ____________________ 23 In terms of the ideal type for deviant peers any two individuals working in cooperation exhibit mutual participation. The discussion here addresses groups that consist of three or more people that identify themselves as a sort of "club." Short-lived interaction between two people is not considered a "group" in the CU culture. ^ 70 members. Their primary purpose is to obtain the latest software, remove any copy-protection from it, and then distribute it to the pirate community. Often the "warez" that they distribute will be adorned with the group name, so subsequent users will be aware of the source of the software. Many pirate groups have "home" BBS systems that act as key distribution points, and as places where outsiders can communicate with members of the association. This researcher was unable to obtain data about the internal organization of pirate groups, but it appears that they are leaderless, with individual members working alone but giving credit to the group as a whole. Phreak/hack groups The existence of phreak/hacker groups is well documented in the data, and has been heavily reported in the media. Two hacker groups in particular, The 414's (named for the Wisconsin area code in which they lived), and The Inner Circle, received a large amount of press after being apprehended for various computer break-ins. However, the "threat" that such groups represent has probably been overstated as the data indicate that "hacker gangs" vary greatly in organization and dedication to the CU enterprise. Many hacker groups are short-lived associations of ^ 71 convenience, much like the "no girls allowed!" clubs formed by young boys. They often consist of four to nine beginning phreak/hackers who will assist each other in obtaining telephone credit-card numbers. By pooling their resources, a large number of illicit "codez" can be obtained and shared with others. Distribution of the account numbers is not limited to the group, they are often shared with the community at large, "courtesy of Codez Kidz Ltd." Groups of this type are looked at with disdain by "elite" phreak/hackers and are often criticized as being more interested in self-promotion then they are with actually phreaking or hacking. Some hacker groups are very proficient and dedicated to their craft, however. These groups are characterized by smaller memberships, less visibility to non-members, and commitment to the CU enterprise. They are loosely organized, yet some have managed to exist six or more years despite members dropping out or being arrested. These "elite" groups are selective about membership, and cite trust and talent as the two leading requirements for joining: The group exists mainly for information trading. If you trust everyone else in the group, it is very profitable to pool information on systems . . . also it is nice to know someone that you can call if you need help on operating system X and to have people ^ 72 feel free to call you if they need help on operating system Y (AN, message log, 1988). Trust is a very important part of a group. I think that's blatantly obvious. You have to be able to trust the other members of the group with the information you are providing in order to be productive, and have a secure situation (UU, message log, 1988). . . . all groups serve the same purpose: to make their members feel better about themselves (like, wow, I'm in a group) and to trade things, whether it's wares, codes, or whatever. But the thing is that being in a group is like saying "I trust you, so like, what can we do together?" (NN, message log, 1988) Indeed, hacker groups are formed primarily for the purpose of information exchange. To this end, groups attempt to recruit members with a wide variety of "specializations" in order to have a better support network to turn to: %Our group% has always been very selective about members (took me six years to get in). The only reason the group exists is to bring together a diverse group of talents. There is very little overlap in %the group% these days. Everyone has one thing that they are the best in the country at, and are conversant with just about any other form of hacking. As an example, I got into a Primos computer this morning around 9 am. Once I got in, I know enough about Primos to get around, but that's it. So I call %PS% in New York, give him the info, and when I get home tonight, he has gotten in and decrypted the entire username/password file and uploaded it to me. But two weeks ago he got into a VAX. He got the account to me, I called it up and set up three backdoors into the system that we can get in if the account is detected or deleted. Simple matter of communism. From each according to his ability . . . etc. Also ^ 73 it helps that everyone in the group is experienced enough that they don't fuck up accounts you spend all day getting (TM, field notes, 1989). Consistent with the Best and Luckenbill ideal type, hacker groups do not exhibit a set division of authority or labor. Most groups are leaderless, and every member is free to pursue their own interests, involving other members of the group only when desired: We just got our group together. We've got a guy that does VMB's and a Sprinter %obtains "codez" from U.S. Sprint% and a couple of hackers. Everybody's free to pursue whatever system they want but if they want or need some help they can call on any of the other members if they want to. Like if one guy is scanning and finds a VAX he might call and give me the dialup. Then I might have to call our Sprinter to get some codez so I can start hacking on it. Once I get through I'll give the account to the other members. But if I found it myself I wouldn't have to give it out but I probably would anyway 'cuz keeping it would be bullshit (DC, field notes, 1988). There isn't a leader really. The guy who starts the group sort of acts like a contact point but everyone else has everyones' phone number and you can call whoever you want to anytime. Usually when you're putting a group together you just get everyone you want and you all decide on a name. (DC, field notes, 1988). Summary By virtue of the extensive social network found in the CU, some participants form work groups. The sophistication of these groups varies, but in all cases ^ 74 it is evident that the groups exist to support what are primarily individually performed activities. The groups exhibit many of the ideal-type characteristics of peer associations, and it is clear that in some cases the computer underground is socially organized as peers. ^ 75 Conclusion Phreakers, hackers, and pirates do not act as loners. Loners do not associate with others, and are on their own in coping with the practical problems presented by their activities (Best and Luckenbill 1982, p.28). From the data presented here, it is evident that the computer underground has established an extensive social network for the exchange of resources and mutual support. The characteristics of the CU varies according to the goals of the participants, but the presence of mutual association is consistent. Contact between individuals is limited, with the acts of phreaking or hacking being committed alone. Computer underground participants do associate with one another in order to discuss matters of common interest, such as performance techniques, news, and problem solving. To facilitate this informational exchange, they have established a technologically sophisticated network that utilizes computer bulletin boards, voice mail boxes, telephone bridges, and telephone loops. The collegial organization of the computer underground is further evidenced by the establishment of a CU culture. The subcultural adaptation of ^ 76 language, expectations of normative conduct, and status stratification based on mastery of cultural knowledge and skill, all indicate that the computer underground is, at the very least, a social organization of colleagues (see Best and Luckenbill, 1982, p.37). The very structure that permits mutual association among CU participants also encourages some to form working relationships, thus acting as peers by mutually participating in CU activities. Peers organized in this manner share in their deviance, organizing informally with little division of labor or set division of authority (Best and Luckenbill, 1982, p.45). These peer associations provide support to members, and can provide socialization and recruitment functions for newcomers. The establishment of work groups, through mutual participation, indicates that though the computer underground is largely organized as a network of colleagues, it is also, to some degree, a social organization of peers. Best and Luckenbill (1982) describe two additional forms of deviant associations that are more organizationally sophisticated than peers: "mobs" and "formal organizations." The computer underground, however, does not display the requisite characteristics of these organizational types. The primary ^ 77 characteristic of "mobs" is an elaborate division of labor (Best and Luckenbill, 1982, p.25). While some CU groups do exhibit a rudimentary division of labor based on individual members' specialization, it is not by any means "elaborate." Any division of labor that does exist is voluntary and arises on the basis of specialized knowledge, not a specialized organizational role. In much the same manner the lack of a designated leader or leadership hierarchy prevents CU groups from being categorized as "formal organizations" in the Best and Luckenbill typology. Deviant organizations at this level are quite sophisticated and there is no empirical evidence that the computer underground is organized in this manner. This study of the computer underground has been a test of the Best and Luckenbill typology of the social organization of deviants. As a test of their organizational indicators, the CU has shown that the categories are well constructed, with the possible exception of limiting "mutual participation" to acts carried out in the presence of others. However, if we modify this to include non-simultaneous, but cooperative, acts as found in phreak/hacker groups, the category is otherwise robust. The flexibility of the ^ 78 typology, which explicitly recognizes that not all deviant associations will display all of the character- istics (Best and Luckenbill, 1982, p.25), is a strength that allowed it to be easily used in terms of the computer underground. By addressing the CU from a social organizational viewpoint we have seen that despite the high technology trappings of their craft, pirates, phreakers, and hackers display organizational characteristics found in other groups that have been criminalized. This may suggest that the development of sophisticated tools to commit "crime" does not necessarily affect the ways in which individuals organize their activities. The implications of peer and collegial organization for the members of the computer underground are vast. The level of sophistication has a direct relationship to the types of resources on which individuals can draw (Best and Luckenbill, 1982, p.54). Because CU members are mutually associated, they are able to turn to colleagues for advice and support with various problems. However, at the collegial level they are left to enact the solutions independently. Whether or not they are successful in doing so will determine if they choose to remain active in the computer underground. The data show that ^ 79 involvement in the CU is short in duration, unless success in early phreak/hack attempts is obtained. As long as the CU remains organized as a collection of colleagues, this trend will continue. Additionally, as the computer and telephone industries become more sophisticated in preventing the unauthorized use of their facilities, new phreak/hackers are unlikely to succeed in their initial attempts at the act, thus dropping away from the activity and never becoming acculturated to the point where peer relationships can be developed. At the peer level, a dimension of sophistication that some members of the CU do display, the knowledge and resources to solve problems and obtain resources is greater. However, even at this level the ties between peers remain weak at best. Although their cooperative ties allow for more sophisticated operations, and somewhat reduce the CU's vulnerability to social control agents (Best and Luckenbill, 1982, p.53), it still does not completely eliminate the need for individual success in order to sustain a CU career. As long as the CU remains at the current level of organizational sophistication, with weak ties and somewhat limited means of support and resource attainment, it will continue to be a transitory and ^ 80 limited "criminal" enterprise. This realization should be considered by policy makers who desire to further criminalize computer underground activities. Given the current organization of the CU, the future social costs of their actions are not likely to expand beyond the current level. There is no evidence to support assertions that the CU is expanding, and the insight provided here shows that it is not likely to do so on a large scale. For sociologists, the computer underground is a field rich for insight into several areas of concern. Future research into the career path of CU members, and the relationships between individuals, could prove helpful to those interested in applying theories of differential association and career deviance. Additionally, the computer underground provides a unique opportunity to study the process of criminalization, and its effect on those who are engaged in the behavior. ^ REFERENCES Best, Joel and David F. Luckenbill. 1982. Organizing Deviance. Englewood Cliff, New Jersey: Prentice-Hall. Bequai, August. 1987. Technocrimes. Lexington, Mass.:Lexington Books. Bickford, Robert. 1988. Personal communication to Gordon Meyer. Chicago Tribune. 1989. "Computer hacker, 18, gets prison for fraud." Feb. 15:2,1. Field Notes. Interviews with phreakers, hackers, and pirates. Conducted from 7/88 to 4/89 (confidential material in authors files). Hollinger, Richard C. and Lonn Lanza-Kaduce. 1988. "The Process of Criminalization: The Case of Computer Crime Laws." Criminology 26:101-126. Levy, Steven. 1984. Hackers: Heroes of the Computer Revolution. New York: Dell Publishing. Message Logs from a variety of computer underground bulletin board systems, (confidential material), 1988- 1989. NBC-TV. 1988. Hour Magazine. November 23, 1988. Parker, Donn B. 1983. Fighting Computer Crime. New York: Charles Scribner's Sons. Rosenbaum, Ron. 1971. "Secrets of the Little Blue Box." Esquire October, pp. 116-125. Small, David. 1988. Personal communication to Gordon Meyer. WGN-Radio. 1988. Ed Schwartz Show. September 27, 1988. ^ 82 APPENDIX A COMPUTER UNDERGROUND PSEUDONYMS _________________________________________________________ |Literature, films,|Computers & |Nouns, titles & | |and Entertainment |related technology |Descriptive names| --------------------------------------------------------- | Pink Floyd | Mrs. Teletype | The Professor | | Hatchet Molly | Baudy Bastard | Perfect Asshole | | Jedi Knight | Doctor Phreak | The Messiah | | King Richard | Lord FAX | Right Wing Fool | | Captain Hoga | CNA Office | Bed Bug | | Al Crowley | Sir Mac | Sleepy Head | | Doc Holiday | Busy Signal | Mean Underwear | | Mr. Big Dog | Silicon Student | Cockroach | | Robin Williams | Fiber Cables | Primo Bomber | | Big Bird | Phone Crasher | The Prisoner | | Cross-eyed Mary | Doc Cryptic | Night Lighting | | Capt. America | Apple Maniac | No Regrets | | Uncle Sam | Fuzzy Sector | Grounded Zero | | Thumpr | Cntrl. Alt. Del. | Spit Wad | | Little John | Byte Ripper | Shadow Dove | ---------------------------------------------------------- ^ 83 APPENDIX B NEW USER QUESTIONNAIRE FROM A PHREAK/HACK BBS Welcome to Analog Electronics Datum System. Please take this time to fill out a one-time questionnaire that will allow us to determine your level of access on Analog Electronics Datum System. If any question is too difficult for you to answer, just answer with your best guess or a simple "I don't know." We basically have two different divisions or types of users on this system: (1) Apple (%%,Mac), and IBM software traders (2) Telecommunication hobbyists - any/all computers (networks, mainframes, engineering) Your answers will help us decide which category you belong to and what access you should get on our system. * What type of computer & modem are you using to call this system? * Where did you get the phone number to Analog Electronics Datum System? * We'll need your first name and real phone # where you can be reached for validation purposes only, this information is kept in a password encoded file, on another computer (critical for higher validation): First for the FILE TRANSFER AREA ACCESS questions: (1) How many bits are in a nibble? (Assume 6502 micro processor) (2) Define WORM, RAM, ROM, VDT, CRT, BPS? (Pick any 3) (3) What does 2400 baud mean in terms of bit transfer speed? ^ 84 (4) What is PT,MT,AE,BIN2,Ymodem Batch,BLU? (Pick any 4) (5) How many Megahertz does a standard Apple %%+ run at? (rounding OK) Now for the TeleCommunication Questions: (1) Describe the Voice Transmission Use of a Loop: (2) If I gave you my phone #, how would you find my name and address?! (3) Can you name any networking software operating systems or protocols? (4) What is the highest frequency a twisted two wire pair can transmit at? (5) We believe Phones and Computers Belong Together, what do you BELIEVE? Ok, thanks for that info. A MESSAGE FROM AL CAPONE (LOCAL) AND THE TRADER (LD) SYSTEM VALIDATORS ----------------------------------------------------- Welcome to ALDS! As a new user you have made a change for the better in choosing this system as one of your places of telecommunication exchange. In my opinion, this is one, if not the best, system in telecommunications today as most of the good boards such as Shadowspawn, Metal Shop Private, etc. do not exist anymore. Quality users exist on this system that have established a reputation for themselves so questions you ask will be answered thoroughly and precisely. We are a sponsor board of the LOD/H Technical Journal, and accounts have been established representing Phrack, Inc. and 2600 Magazine. (For our software trading people, we also have an excellent file transfer area . . . consistent with the rest of the nation . . . ) Due to the high quality of our system, we will ^ 85 need some additional information about you. Maintenance of a high quality system requires high quality users, so the first step in this process is keeping the low quality users off of the system . . . so please cooperate with us . . . this is for your benefit as well as ours. The information you give us will be cross referenced with other systems for accuracy, and if you leave false information, you may suffer low access or deletion. All phone number information is stored outside of the housing of this system inside of an encrypted, password locked file for your security. So if you have left an invalid phone #, please leave one where you can be reached, or someone's name and number (if possible) that will vouch for you. Keep in mind this validation can take up to 1 week to complete due to the high volume of new callers to our system. Note: Limited system access will be granted within 24 Hrs if all of your info seems correct. Thanks in advance . . . Bugsy Malone The Swapper SYSOP/SYSTEM VALIDATORS % Bugsy Malone needs the following info: % (1) Your references (sysops, other users on this system, other BBS). (2) Your interests in having access to our system. (3) How do you feel you can contribute to our system? (4) How many years of telecommunication experience do you have? (5) Do you have any special talents in programming, or operating systems? If yes, then name the language(s) or operating system(s). Enter message now, answering these questions: %after entering the message the BBS hangs up and the caller will call back in 24 hours to see if access has been granted.% ^ !