[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]


..[ Phrack Magazine ]..
.:: Phrackerz: Two Tales ::.

Issues: [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ] [ 22 ] [ 23 ] [ 24 ] [ 25 ] [ 26 ] [ 27 ] [ 28 ] [ 29 ] [ 30 ] [ 31 ] [ 32 ] [ 33 ] [ 34 ] [ 35 ] [ 36 ] [ 37 ] [ 38 ] [ 39 ] [ 40 ] [ 41 ] [ 42 ] [ 43 ] [ 44 ] [ 45 ] [ 46 ] [ 47 ] [ 48 ] [ 49 ] [ 50 ] [ 51 ] [ 52 ] [ 53 ] [ 54 ] [ 55 ] [ 56 ] [ 57 ] [ 58 ] [ 59 ] [ 60 ] [ 61 ] [ 62 ] [ 63 ] [ 64 ] [ 65 ] [ 66 ] [ 67 ] [ 68 ] [ 69 ] [ 70 ]
Current issue : #67 | Release date : 2010-11-17 | Editor : The Phrack Staff
IntroductionThe Phrack Staff
Phrack Prophile on PunkThe Phrack Staff
Phrack World NewsEL ZILCHO
Loopback (is back)The Phrack Staff
How to make it in PrisonTAp
Kernel instrumentation using kprobesElfMaster
ProFTPD with mod_sql pre-authentication, remote rootFelineMenace
The House Of Lore: Reloaded ptmalloc v2 & v3: Analysis & Corruptionblackngel
A Eulogy for Format StringsCaptain Planet
Dynamic Program Analysis and Software ExploitationBSDaemon
Exploiting Memory Corruptions in Fortran Programs Under Unix/VMSMagma
Phrackerz: Two TalesAntipeace & The Analog Kid
Scraps of notes on remote stack overflow exploitationpi3
Notes Concerning The Security, Design and Administration of Siemens DCO-CSThe Philosopher
Hacking the mind for fun and profitlvxferis
International scenesvarious
Title : Phrackerz: Two Tales
Author : Antipeace & The Analog Kid
                              ==Phrack Inc.==

                Volume 0x0e, Issue 0x43, Phile #0x0c of 0x10

|=-----------------------------------------------------------------------=|
|=------------------=[ P H R A C K E R Z: Two Tales ]=-------------------=|
|=-----------------------------------------------------------------------=|
|=-------------------=[ Antipeace and The Analog Kid ]=------------------=|
|=-----------=[ antipeace@phrack.org / analog_kid@phrack.org ]=----------=|
|=-----------------------------------------------------------------------=|

This is a tale of two hackers. Two souls lost in this world of bits. One
tells a first hand tale of a hackers life. Another, gone mad from analyzing
too many ltrace outputs, looks at the existence of Phrack Inc. from the
outside.

One wanted to be a hacker from childhood. The other had plans of being a
rock star. None the less, here in this strange network of fibers, their
paths collide and their stories are fused together.

Who owns an idea when it is anonymous? Who is the arbiter of ethics, the
individual hacker or the mass media? What good is a secret that cannot be
shared? What defines an author if the author is anonymous?

These are two stories from both hackers, fused together, as they struggle
to answer such questions. It is a collage of segments from the two tales.

                                    ~~~

|=-----------------------------------------------------------------------=|
|=----------=[ When I was a child I wanted to be one of them ]=----------=|
|=-----------------------------------------------------------------------=|
|=-------------------------=[  by Antipeace  ]=--------------------------=|
|=-----------------------------------------------------------------------=|

--[ Contents

  1 - Who the hell is it written for?
  2 - Who they think we are
  3 - We are not _so_ special
  4 - The downside of a hacking life
  5 - So in the end...

--]

                                    ~~~

|=-----------------------------------------------------------------------=|
|=-------------------=[ The tale of the phrack boys ]=-------------------=|
|=-----------------------------------------------------------------------=|
|=----------------------=[  by The Analog Kid  ]=------------------------=|
|=-----------------------------------------------------------------------=|

--[ Contents

  1 - A witch hunt begins
  2 - What do people think they are?
  3 - Are they so special?
  4 - Why they must lurk in the shadows of publicity
  5 - Of the indictment and the witch hunt
  6 - A closing note
  7 - Acknowledgments
  8 - References

--]

                                    ~~~

                       --(  A witch hunt begins  )--
                             by The Analog Kid

    "Neither have been charged ... they expect to at least be called as
    witnesses at the case of the Phrack Boys [1]

April 0x5, 1990, 6:50 AM: On that day a hacker is born into this world.

March 0x1, 1990, 6:30 AM: Secret service agents charge into the room of
Phrack Inc contributor, The Mentor. Their guns are drawn and pointed at his
head.

March 0x1, 1990, 11:00 AM: Secret service agents complete their search and
seizure of The Mentor's property. Agents prepare to raid the Mentor's work
office [1].

April 0x5, 1990, 12:00 PM: The wheels are spinning busily at Phrack Inc.
With key members under investigation by the federal government, rumors are
rampant of the journal's demise. Remaining members of the underground
bustle to assemble a new issue and quell the rumors. "Phrack will and can't
ever die, the journal proclaims [2].

                                    ~~~

                 --(  Who the hell is it written for?  )--
                               by Antipeace

If I had to make a choice, I would say that the hacking papers which
impressed me the most were the unusual ones and by "unusual" I mean dealing
with subjects such as esotericism, philosophy, and ethics. Yes the kind of
things that would bore you to death. It's not that I systematically prefer
intellectual masturbation over coding but let's face the pathetic truth:
though there are exceptions, good technical papers are rarer and rarer and
information is shamelessly duplicated everywhere.

Interestingly enough, papers written on a thinking or life experience basis
are on a whole other scale. Being based on personal experience, they are
intrinsically unique. There is no better example than the excellent article
written by TAp in this issue. Believe me it kicks ass; you'll feel it deep
down.

Writing these kind of things is usually done with the hope that a message
will be transmitted. I personally chose to write mine for the people who
have no clue of what a hacker's true life really is. That may include kids
willing to learn about our culture as well as those of you who just came
across these words.

If you ever thought that being a hacker was as cool as what's pictured
in the movies, then please don't stop reading. This paper, is just a set
of personal thoughts regarding the (unfinished) life of one (or more ?)
hackers amongst thousands. Neither the best nor the worst. Just one of
them.

                                    ~~~

                 --(  What do people think they are?  )--
                             by The Analog Kid

Phrack Inc., an online journal created by the hacker community, represents
the contemporary hacker community. Its articles are still well respected
within academia and it is likely that some of its content draws from the
academy. Although Phrack Inc. may seem devious to mainstream society on
the surface, it serves a deeper purpose as a medium to freely distribute
substantive technical information between an underground community of
computer programmers. Functionally, Phrack Inc. is an outlet for the free
discussion of software exploitation.

During my freshman year of college I stumbled upon a Phrack Inc. article
from time to time, but never realized the site's importance until my
sophomore year. I was enrolled in a graduate class and the professor used
the web site as a reference in class one day. When discussing the use of
the web-site with him after class, the professor was immediately intrigued
that I was familiar with the site. He told me that, in his opinion, the
contributors of Phrack Inc. were just as intelligent as those in academia,
and that sometimes it was good to have publications that were more direct
and less formal than their academic counterparts. In addition, an in depth
knowledge of computer software and hardware is required, with references to
assembly code, operating systems, glibc, gdb, and the dynamic linker strewn
throughout the articles. The site is also respected by security
professionals within the IT community, who use it as a tool to track the
latest hacking methods [3].

Phrack, as a publication, creates an outlet for these hackers to express
themselves and reveal their values to the public.

                                    ~~~

                      --(  Who they think we are  )--
                               by Antipeace

The way we humans are generally perceived is really important to most of
us as there is always an implicit resulting judgment. With the notable
exception of psychos, most of us are probably willing to be seen as we
'truly' are, or in other words as we 'believe' ourselves to be, and not as
we seem to be. As being hackers is part of our identity, it's only natural
to feel concerned about how this secret part of our personality is seen by
society.

This brings the question of how hackers are perceived by people in general.
Though there are notable exceptions, people usually see us as movies/books
and magazines/TV shows describe us.

Various fictional hackers are pictured in cyberpunk science fiction
('Matrix'), action movies ('Live Free or Die Hard'), caper films
('Sneakers') and more generally in many fictional stories. However compared
to them, we average hackers from the real world are forced to admit that
we're not that great:

    - we do not hack into satellites on a daily basis
    - we do not own OpenGL maps of buildings allowing us to control lights,
      elevators and doors at will
    - at some point encryption, passwords and firewalls may be troublesome
      even for us ;)

Of course weak minds may be abused in the process and assume as a result
that hackers are, at some point, what a typical Bruce Willis movie is
showing them: wizards. Should we feel angry about it? Certainly not because
this is fiction and everything is allowed. Now things are different when it
comes to media.

Who ever criticized the journalists? Not me, nor you, with high
probability. Almost everybody was or will be the witness of a false claim
(or of an obvious speculation) from a journalist in his lifetime. The
problem is that taking into account the almost unlimited number of profiles
in the audience, that's itself a hint pointing out that mistakes are
frequent. What is obviously not correct for you may appear correct for me,
and vice versa.

Now what's interesting is that it gives us an idea about how fucked up a
media outlet (newspaper, web site, TV show) may be regarding a particular
area (such as security but not only).

I believe there are two cases to consider:
    - Technical publications and/or computer literate media
    - Mass media aimed at the general public

Regarding the first case, my personal belief is that this is two sided.
Either the provided information is good or it's total bullshit. People
who care are doing quality and not useless shit. From this point of view,
popularization is the worst kind of information. Under the pretext of
simplifying things for people, every kind of approximation appears to be
allowed. Of course, publication being associated with sales and/or ratings,
if something can be exaggerated to impress even more, why not? Why would
journalists try to understand and care about their subject? After all the
target is a mass audience. So if 2 or 3 people were mad, who would give a
shit about it?

I've hated journalists for a long time for what I thought to be their
incompetence. I later learned about the dramatic conditions they're living
in: precarious employment and the necessity to write ever more for a low
salary. Journalism changed and now I hate journalists for their lack of
professionalism. You may argue that one needs to live but I would answer
back that nothing justifies intellectual prostitution. If a person is
clever enough to have that kind of job, other jobs should be possible as
well.

Now coming back to us, how could we be correctly understood / represented
in these conditions? Sadly, bad journalism is often mass journalism which
makes things even worse as people (including around you) will always be
influenced. Trying to change their way to see things is already a lost
cause. As a hacker you will have to learn to live with bullshit all around
you. It may be tough but the only important thing is to have independent
self-esteem, not relying on the judgement of others. A good psychologist
would even tell you that it's necessary for personal construction...

                                    ~~~

                      --(  Are they so special?  )--
                             by The Analog Kid

Why then are these hackers cast in such an antagonistic light by the media,
if the contributors to journals such as Phrack are mainly thinkers? Given
that Phrack's content is as substantial and intellectual as an academic
journal, why is its community cast in such an antagonistic light?

Morally, Phrack Inc. is in a gray area. The site itself does not engage in
or promote illegal activity, however the information on Phrack Inc. is
published in a very open way; Phrack Inc. does not assume responsibility
for what the criminal underground may do with their information. More
formal research communities would consider it moral etiquette to have 
security holes fixed before publishing them. Phrack Inc.'s tendency to
publish information with no forewarning is a testament to the group's
valuation of free information and an uncontrollable side effect of its
association with the hacking underground.

Most Phrack releases have a GPG key included with the introduction [4].
This is not a feature commonly seen in academic or professional articles.
Functionally there is an important reason to have an encryption key, it
allows the articles to be submitted securely (if the e-mail is intercepted
the contents could not be read), preserving the identity of the author.
This highlights the controversial nature of what is discussed in the hacker
community, as well as the members' valuation of anonymity. By remaining
anonymous they feel able to safely continue the free flow of information,
which is the ultimate goal of Phrack Inc.

The free flow of information at Phrack allows one to learn a-lot about the
hackers who submit articles to it. Their values, their personality, and
their intellectual curiosity is spread all throughout the articles.

                                    ~~~

                     --(  We are not _so_ special  )--
                               by Antipeace

Having earlier outlined my disagreement with the common beliefs, now is the
time to share my own vision. IMHO no one is born designated to become a
"hacker" some day. I don't know if there are predispositions (maybe our
insane curiosity or the urge to understand things?) but I would say that
being a hacker is essentially about acquiring a hacking mindset.

Now that being said, let's see what a hacker truly is.

Intellect
---------

Though movies and medias sometimes describe hackers as genius (see
"Hackers" with the cute Angelina Jolie for example ;) who for some reason
are shown proficient with computers, reality is a bit different.

Sorry to destroy the myth but the average hacker is just an intellectual.
Of course, there are true geniuses amongst us but the fundamental
difference lies in the willingness to exploit our brain as much as possible
in order to ask the essential questions as well as to find the appropriate
answers.

There is usually no need to be brilliant to impress people with hacking.
Let me make an analogy to magicians. Even the simplest tricks are amazing
for people who don't know how they are working. Things are the same in
hacking. Daily life hacking is probably more about using thousands of cheap
tricks but people are not aware of that. Since this kind of cheap hacking
has visible consequences for the masses, hackers are falsely assumed to be
the geniuses described in movies.

Personality
-----------

Most hackers are computer 'freaks' able to spend hours in front of their
screen in order to solve a particular problem. In a way, hackers are geeks
and there are thousands of them.

That said, it must be added that they have this unusual characteristic
growing with time: the obsessional will to discover incoherency, mistakes
(having impacts in security or not) in everyday life. As I said, a hacker
is probably not smarter than you, but he/she is way more focused.

What may be cool at first sight is sometimes heavy to carry. Imagine
yourself analyzing everything. Not only is that painful for others 
(friends, coworkers, family, lovers) to have this kind of person around but
it can also be troublesome for you. Indeed you will sometimes be mad
because of all these daily pieces of nonsense that ordinary people do not
notice. Probably because of that, some hackers assume that they are smarter
than the rest of the world, sometimes internally thinking they are some
House-like guy, and quickly develop unfortunate ego issues which are
discussed later.

Social profile
--------------

Once again, it would be easy to draw quick conclusions based on collective
imagery and again, there is no simple description as it's impossible to
generalize. The social profile of individuals is a mix of both their
personality and their evolution.

Amongst the hackers I've met around the world, I can say that I've seen
people who are:

    - socially isolated / barely capable of having a proper conversation
    - "normal" (taking into account the usual criteria)
    - extroverts always talking to everybody everywhere they go

Personally I would say that I quickly understood that a social life was
important, not to say necessary. Having natural tendencies to be an
introvert, I've worked with myself to reach a stable equilibrium.

Note that I try as much as possible not to mix my activities and my social
life. The reason is simple: as I said, people around me are not able to
understand (because of the lack of technical background) nor really willing
to understand it (because of the prejudices coming from the media). Anyway
this is not that bad, considering the security consequences of being a
chatterbox.

                                    ~~~

         --(  Why they must lurk in the shadows of anonymity  )--
                             by The Analog Kid

Those who do choose to share their information generally publish under
anonymous aliases so as to protect their true identity. Publishing articles
under anonymous screen names is in stark contrast to academia, where the
goal is to have as much information published with your name as possible.
Part of why academia admires Phrack Inc. is that by retaining anonymity,
its members are free to discuss topics at will without concern for
"political fallout. Some of the authors of Phrack Inc. are listed as,
"nemo, "huku, and "BSDaemon [5]. As a case study in this anonymous
culture, the introduction of Phrack Inc. issue 66, contains a good-bye to a
friend: "cliph [4]. No other information is given. I inadvertently
stumbled across the identity of this Cliph while reading an article on a
different web-site, which stated that, "This post is dedicated to Wojciech
"cliph Purczynski. [6]. Even with the full name available, a search for
information yields no clues as to what became of this individual. Multiple
tributes to the individual known as "cliph show that within the hacker
community there is respect and recognition to the most skilled members;
this is not different than academia.

The issue of using anonymous screen names is directly confronted at the end
of the "Malloc DES-Maleficarum article, where the author comments on a
quote by Eric S. Raymond who criticizes the use of such false names. The
author confronts the reader with the question, "Is there some connection
between our name and our skills, philosophy of life or our ethics in
hacking [7]? The author -- intending to speak for the community as a
whole -- argues that the means by which they identity themselves is a
result of society's judgement on computer hackers and not a reflection of
the people. It is interesting that an American, Eric Raymond, would place
heavy emphasis on the personal ownership of ideas, a very American value.
The Phrack Inc. community, undoubtedly as global as the Internet within
which it exists, shows interest in expanding knowledge and the ideas of
others, rather than taking personal ownership of static concepts.

In its layout, Phrack Inc. exhibits a much more informal nature than formal
publications. Consider for example, the previously mentioned article
"Malloc DES-Maleficarum. The title is a clear allusion to the Malleus
Maleficarum, a treatise on witches published in 1486 during the inquisition
[8]. By invoking references to witchcraft the journal is again making light
of the negative connotations society imposes upon it. The section headings
too are of an unconventional nature: "The House of Mind, "The House of
Prime, "The House of Spirit, "The House of Force, "The House of Lore,
and "The House of Underground [7]. Article 5, "Backdooring Juniper
Firewalls, also makes reference to movies in it sections headings, with
titles such as "Netscreen of the Dead, and "28 Hacks Later [10]. The
references to Medieval texts and creative naming schemes demonstrates a
level of culture and sophistication (as well as humor) within the
community.

Although the space here would not allow for such discussion, the audience
might stop for a moment and consider what it means to be an author, and
whether a legal name is truly required to identify a work as one's own.
In Michael Foucault's essay, "What Is an Author?, Foucault decrees that,
"The author function is linked to the juridical and institutional system
that encompasses, determines, and articulates the universe of discourses
[12]. If this statement is accurate, then the function of the author at
Phrack Inc. is to allow the free distribution of material that might
otherwise be censored. The raids and indictment of founding Phrack Inc.
members discussed at the beginning show the severe role that the global
juridical system has in directing Phrack Inc's style of discourse. If
"institutional [12] refers to the ad hoc rules of morality and ethics
imposed by society, then this again forces the Phrack Inc. contributors
into an anonymous universe of discourse, as society might forsake these
contributors. Consider how a deep and publicized knowledge of controversial
computer hacking methods might be a black mark on the reputation of any
programmer applying for work with a large corporation.

The need to protect ones identity, and avoid public recognition for their
discoveries, is one of the downsides that comes with being a member of the
hacker community.

                                    ~~~

                 --(  The downside of a hacking life  )--
                               by Antipeace

Consider life in general. People are not always happy because they are
bothered with random things such as the neighbor's dog always barking for
nothing, their child having bad grades at school, etc. The modern world is
full of stress and there is nothing to do but to bear it.

Hacking certainly has cool aspects (though contrary to movies, in the end
you won't get the girl after saving the world) but it also has side effects
that are added to the current level of daily stress. Occasionally, you will
be angry or anxious. You may even become paranoid at some point. This is
mainly what I call the downside of the hacking life.

The disclosure war
------------------

Well this is a hot topic. To simplify things for those who are unfamiliar,
let's say that the hacking scene is divided in two groups of individuals:

    - people publishing (or willing to publish) bugs, exploits, papers
    - people who want to keep these things secret or at the very least
      within the underground

Though clearly belonging to the second group, I won't try to convince you
that disclosure is bad as the arguments for both sides are valuable. I just
choose my side. However, I can tell you how this issue may affect you or
your friends.

If you are a so called 'black hat', then there is a good chance that you
have developed techniques or exploits based on your own discoveries. Ten
years ago, if you were smart/skilled enough, being innovative could bring
you new kickass tools/exploits in a matter of hours or days at the very
least. Things are a bit different nowadays and the required time for
giving birth has increased a lot (though virtualization and generalization
of scripting languages helped a lot). If you consider remote exploits
targeting C programs, it takes so much time to find and exploit bugs that
the cost of doing so is now insane. Now imagine that you've been working on
a particular bug for weeks / months. How would you react if some guy were
to publish it as a full disclosure? Oh you would be angry, and you may even
be willing to kill him. The fact that the bug may have been leaked or that
the guy releasing may not have understood the bug properly would only
exacerbate your feelings.

The ring of trust
-----------------

What ever hacking activities you have, there is little doubt that you won't
remain alone. Socially speaking, at some point you will try to be part of a
community or part of a group because:

    - you will want to find people able to understand what you are doing
    - you will want to share information

This will bring the unavoidable question of the amount of trust that you
can place in fellow hackers. Ironically this is a security problem and as
such it must be solved before exchanging anything. Practically speaking, we
all make the same mistake at least once: we trust and we are betrayed.


                    (---------------------------------)

He that has eyes to see and ears to hear may convince himself that no
mortal can keep a secret. If his lips are silent, he chatters with his
fingertips; betrayal oozes out of him at every pore.

                                                         Sigmund Freud

                    (---------------------------------)


Amongst the consequences of information leaks, I've personally been the
witness of the two following sad things:

    - Busts. Never forget that there may be people leaking information to
      the government agencies amongst us. While it's true that most people
      will unintentionally leak, some of them may be directly working for
      the gov either because they got busted themselves and had no choice
      but to cooperate or because they were the enemy from the very
      beginning. Also one piece of advice, do not make the mistake of
      assuming that your friends will be mute once caught, we're only human
      beings.

    - 0day leaks. Fortunately it happens more often than the previous case.
      Whenever you see the price of bugs (or of the exploits), you can
      imagine how much of a temptation it can be to sell them if you are
      some jackass. But how would the asshole get the information?

      I came up with a theory. Because of the very nature of our research,
      I believe that the more innovative/kickass/time-consuming it is,
      the more likely you will be to share the information with at least
      someone else. It's just like owning some big secret that you can't
      share with anyone. Now consider the analogy of a pebble being thrown
      on the surface of a pond. Each time the pebble hits the surface,
      waves propagate. If the pebble is the information then the waves
      are the leak. One strike may induce countless waves: your 0day is
      condemned to death.

      Now a personal message for my fellow hackers. If you want to avoid
      these pinches on your chest when your precious bugs are disclosed,
      there is only one thing to do: stop crying over your loss and next
      time shut the fuck up. Nothing else is working, you should know that.

This trust must be placed with time. I would also recommend the GPG chain
of trust model. It's not flawless (and far from it, believe me) but it may
be a good alternative. It will allow you to release the tension of having
to always keep things to yourself, and yet doing it in a 'controlled'
way...

Ego and acknowledgment
----------------------

It usually takes time to be mentally strong. No matter how smart people
are, they will have ego issues at some point in their hacking life. The
problem is that ego is responsible for the urge for acknowledgment that
push people to:

    - disclose security flaws & exploits
    - publish and display themselves more than required in conferences
    - spend time on IRC / ML explaining to the world how cool they are

Don't get me wrong, this is not a complaint against disclosure. Some people
choose to disclose bugs and/or techniques out of their own free will. This
is their choice and I respect that. Now things are different when your mind
is fucked because of your increasing ego.

Like I said, everyone in our community is fucked at some point in his life,
loses common sense and ends up doing stupid things. Of course, I'm no
exception as I've done things I'm not proud of years ago. While this ego
thing is supposed to be a short period in your life (people grow up), it
seems that part of the security circus definitely lost itself.

Drugs & alcohol
---------------

To tell you the truth I have no real explanation about our insane alcohol
consumption. I guess this is just part of the culture. Whenever you see
your friends, you have to drink and with time, you'll drink more and more
often (though not as much as .pl guys, damned crazy drunken bastards ;>).
However while your physical (kidney) tolerance increases with time, the
vicious side effect of alcohol will remain: while drunk you will be more
likely to leak information. My advice: if you have little control over
yourself, do not heavily drink with unknown people.

Amongst fellow hackers, most drug users that I know tried many things out
of curiosity and a willingness to experiment, which are both part of their
hacker nature. They also take drugs to enhance their creativity or their
ability to concentrate. As such, drugs may have a positive impact on your
hacking.

I doubt I will ever see a hacker amongst high level athletes ;-)

                                   ~~~~

              --(  Of the indictment and the witch hunt  )--
                             by The Analog Kid

So then what of Phrack Inc.? If not academic or professional in nature, can
it be dismissed as merely the mischievous work of hooligans? Certainly the
technical expertise and respect the journal has gained within academia and
the professional world shows that this work is not easily dismissed as
trivial. What of its ethics then? What really is the genre and purpose of
Phrack Inc.?

On July 23, 1990 the trial of Craig Neidorf, the 19 year old pre-law
student who founded Phrack Inc. out of a desire to exercise free speech,
began. Neidorf was indicted on 10 felony counts carrying a maximum penalty
of 65 years in prison, primarily related to the theft of a proprietary Bell
South document claimed to be worth $23,000. After the defense demonstrated
that the information Neidorf was accused of stealing could be obtained from
Bellcore by calling a 800 number and paying a $13 fee, the government was
forced to drop all charges to avoid utter embarrassment [11].

On the surface the actions of Craig Nedorf seemed sinister and criminal in
nature. The facts of the case however, showed the below the surface were
innocent intentions mislabeled by the institutions of society. Although
society may view Phrack Inc. as devious and criminal, what really lies
behind the facade is a journal of credible intellectual material that,
while coming from a different culture, rivals that of academia. The members
of this community all have their own unique experiences and views and we
can learn a lot about society and the flow of information by listening to
what these people have to say.

                                    ~~~

                        --(  So in the end...  )--
                               by Antipeace

When I was a child I wanted to be one of them, I wanted to be a hacker.
More than two decades later, not only have I finally fulfilled this dream
but I have also gathered enough experience to analyze the impact that it
has had on my life.

Clearly it brought me a lot. Not only have I met the most fascinating
people of my life, but it gave me this feeling that no matter how fucked
things could be around us, I would always be able to see through it.

However living a hacker's life wasn't harmless as I experimented with a few
unpleasant things, which even now still have (minor) impacts on my life.
Without a doubt, the more you experiment, the stronger you become. That's
why I will never regret having chosen this path.

I wrote this paper as an anonymous author (ego issues being mostly behind
me at the time of writing) with the hope that people interested in the
underground culture would read it. I tried to focus on the more interesting
points. There is a lot more that could be developed as I only threw a
few ideas around, sometimes exclusively mine, sometimes shared by fellow
hackers and friends.

                                    ~~~

                         --(  A Closing Note  )--
                             by The Analog Kid

And so two stories, from two hackers, have been fused in time and presented
to you here at Phrack Inc. We hope you learned something about the culture
One story was written by a hacker speaking of his own life; the other was a
story hoping to analyze the hacker culture, and Phrack's place in
discourse, on a large scale.

We hope you learned something about who these "hackers" seen in media
references are, what they believe, and what drives them.

                                    ~~~

                         --(  Acknowledgments  )--
                             by The Analog Kid

First I give a tip of the hat to Rutty for teaching me how to write, and
still teaching me to write years later. To Roadie for teaching me how to
write, skipping town, and never teaching me how to write again. To Bearz
for showing me how to work outside the box. And to Ziggy for condensing
whole paragraphs of mine into single sentences. :) Without L.A. this
paper would have lacked much of its direction, and in fact the W.C. made
substantial contributions. Finally, thanks to al1c3_c00p3r for helping me
to polish the final product.

                                    ~~~

                         --(  Acknowledgments  )--
                               by Antipeace

                             To my friends...
           Special fuck to kingc0pe and his fellow cockroaches.

                                    ~~~

                           --(  References  )--
                             by The Analog Kid

[1]  Phreak_Accident. (2010, September 21) Phrack World News: Issue XXXI,
     Part Three. [Online].
     Available: http://phrack.org/issues.html?issue=31&id=10#article

[2]  DH. (2010, September 21) Intro to Phrack 31. [Online].
     Available: http://phrack.org/issues.html?issue=31&id=1#article

[3]  W. Sturgeon. (2010, September 21) Long-lived Hacker Mag Shuts Down.
     [Online].
     Available: http://news.cnet.com/Long-lived-hacker-mag-shuts-down/2100-
     7349_3-5783383.html

[4]  The Circle of Lost Hackers. (2010, September 16) Introduction.
     [Online].
     Available: http://phrack.org/issues.html?issue=66&id=1#article

[5]  (2010, September 16) Phrack Authors. [Online].
     Available: http://phrack.org/authors.html

[6]  B. Hawkes. (2010, September 19) Linux Compat Vulns (part 2). [Online].
     Available: http://sota.gen.nz/compat2/

[7]  blackngel. (2010, September 15) Malloc DES-Maleficarum. [Online].
     Available: http://phrack.org/issues.html?issue=66&id=10#article

[8]  (2010, September 18) The Malleus Maleficarum. [Online]. Available:
     http://www.malleusmaleficarum.org/

[9]  L. Highsmith. (2010, September 19) Linux Kernel Heap Tampering
     Detection. [Online].
     Available: http://phrack.org/issues.html?issue=66&id=15#article

[10] Graeme. (2010, September 19) Netscreen of the Dead: Developing a
     Trojaned Firmware for Juniper ScreenOS Platforms. [Online].
     Available: http://phrack.org/issues.html?issue=66&id=5#article

[11] D. Denning, "The United States Vs. Craig Neidorf: a Debate on
     Electronic Publishing, Constitutional Rights and Hacking."
     Communications of the ACM, 1991.

[12] M. Foucault, The Foucault Reader, P. Rainbow, Ed. Vintage, 1984.

[13] (2010, September 26) Phrack Magazine. [Online].
     Available: http://phrack.org/
[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]
© Copyleft 1985-2021, Phrack Magazine.