|
Page 1 of 3 
SOURCE.PHRACK.MAGAZINE 1 - Hacker's Myth
2 - The Security Industry
3 - Black Hat, Two Faces
4 - Technology
5 - Criminals
6 - Forgotten Youth
7 - The Forward Link
-------------
Hacker's Myth
-------------
This is a statement on the fate of the modern underground. There will
be none of the nostalgia, melodrama, black hat rhetoric or white hat
over-analysis that normally accompanies such writing.
Since the early sixties there has been just one continuous hacking
scene. From phreaking to hacking, people came and went, explosions of
activity, various geographical shifts of influence. But although the scene
seemed to constantly redefine itself in the ebb and flow of technology,
it always had a direct lineage to the past, with similar traditions,
culture and spirit.
In the past few years this connection has been completely severed.
And so there's very little point in writing about what the underground
used to be; leave that to the historians. Very little point writing
about what should be done to make everything good again; leave that to
the dreamers and idealists. Instead I'm going to lay down some cold hard
facts about the way things are now, and more importantly, how they came
to be this way.
This is the story of how the underground died.
---------------------
The Security Industry
---------------------
Then in the U.S. music scene there was big changes made
Due to circumstances beyond our control... such as payola
The rock n roll scene died after two years of solid rock
- The Animals, circa 1964
There is little doubt that the explosion of the security industry has
directly coincided with the decline of the hacking scene. The hackers
of the eighties and nineties became the security professionals of the
new millennium, and the community suffered for it.
The fact is that hackers, mostly on an individual basis, decided to
use their passion as a source of income. Whether this is good, bad,
or just pragmatic is completely irrelevant. Nearly all the hackers that
could get jobs did. For the individuals that decision has been made (for
better or worse), and in general there's nothing that will change this.
This was a hacker exodus. What really mattered was not the loss of any
individuals, but the cumulative effect this had on the underground. The
more hackers that left the underground for a corporate life, the fewer
that came in. And those who stayed became entrenched, increasingly
disconnected.
Collaboration in this new age of career hackers has all but ceased to
exist. Individuals are now obsessed with credit. For their career, for
their standing in the community, it must be absolutely clear who this
research, this vulnerability, or even this opinion belongs to.
There is no trust in this corporate community; an underground issue
greatly amplified by corporate motivations. A single person can go months
or even years without telling anyone exactly what he is working on, and
whats more, will be genuinely worried about someone "publishing" their
results before him. There is no respect for the information he holds,
no belief that information should be free, no belief that research should
be open. All that matters is credit; all that matters is fame and money,
their career.
This is purely the fault of the security industry, who has exploited
and cultivated this culture, designed it for their needs. The truly sad
thing is that the corporate security world hasn't realized that they are
sitting on a gold mine, and as a result the mine is likely to collapse;
and likely to take their industry down with it.
The security industry uses information as its sole commodity, information
about insecurity. Who has the information, and who doesn't is what
makes this economy work. Whats more, the economy has been founded on
the continued output of a finite group of hackers. For the most part,
founded on those hackers that came out of the underground scene at their
technical prime.
But these hackers are not going to continue their production
indefinitely. They will lose their technical edge, move on to other
industries, perhaps climb the ladder up to management, and then
retire. The question is, then what? Then it will be up to the new wave
of young security professionals, whose motivation is as much financial
as it is passion for the technology and the thrill of the hacking game.
To imagine that these new wave office workers, university trained and
disinterested, can match the creative output of a genuine hacker is
laughable. The industry will stagnate under these conditions. The rapid
technical advancement we have seen will end, no more breakthroughs:
no more new security products or services. Just the same old techniques
being rehashed again and again until the rock has been bled dry.
I am trying to show you the symbiotic nature of the security industry
and the hacking scene. Industry needs insecurity to survive, there is
no doubt about this. A secure and stable Internet is not profitable for
long. Hackers provided instability, change, chaos. So the industry became
a parasite on the hacking scene, devouring the talent pool without giving
anything back, not thinking of what will happen when there are no more
hackers to consume.
For this reason, the security industry, much like the hacker underground,
is doomed, perhaps even destined for failure. But for now, all that
matters is that we have a thriving industry and...
A hacker underground proclaimed to be dead.
|
