The dark spectre of crime? Or is it Hollow Man?

As computers take on an increasingly critical role in society, the fear of computer crime has also become more palpable. But how justified is that fear?

John Windell

Seventh of February 2000: a number of the world's busiest websites, including Amazon.com and Yahoo, are temporarily shut down as computer hackers launch denial of service' attacks, swamping the sites with countless instant page hits, causing them to seize up. Those responsible are denounced as criminals.
Fourth of May 2000: a computer virus triggered when users open an email headed 'I Love You' spreads around the world and infects millions of PCs in homes and businesses before anybody knows what's happening. The FBI's computer crime section begins scouring the internet in hot pursuit of the person who unleashed the most virulent computer bug yet seen.
Reading reports of these events in newspapers, or watching them on television, you could be forgiven for thinking the world was doing held to ransom by a James Bond villain of some sod, an evil genius intent on wreaking havoc from his hi- tech lair. There's no mistaking it is a potent fear: most of us realise the modern world depends on computers, but few understand the technology to any great degree, making us easy prey for lurid news reports. However, is there any substance to this fear, or is it merely a technological version of old-fashioned superstition? Are computer hackers super - criminals, or just pimple-flecked, socially inadequate teenagers desperate for attention?
These are among the questions asked by Hack the Planet, which takes the viewer into the murky world of the computer hacker to seek the truth, or otherwise, behind the popular image of hackers as malicious masterminds.
OU computer lecturer Blaine Price, was heavily involved in making the programme: "'Hacker', in the computing community, is not a pejorative term," he says. "A hacker, generally, is someone who does computing for the love of it, who likes to find innovative solutions to problems."
As with any group of people with a shared interest, hackers like to form clubs. Perhaps the most famous of these is the Chaos Computer Club, based in Berlin. It was a member of Chaos who during the 1980s was responsible for breaking into US military computers and selling the secrets to the Russians. This is not typical of their activities, however. For the most part they remain enthusiasts with a well-developed sense of curiosity - which can sometimes mutate into an equally well-developed sense of mission.
Take, for example, another of the famous computer clubs, the Cult of the Dead Cow. It claims to perform a public service in looking for flaws in software. "They might take a newly released Microsoft product and go and hammer at it from a technical point of view, and try to find the holes that might affect the people who use it," says Price. The Dead Cows found such a hole in every version of the Windows operating system, which potentially allows other people to spy on computers using those systems, or even remotely control them from the internet. Conspiracy theorists might suggest this is more intentional than accidental (the name attached to the relevant piece of code begins with the letters NSA - the National Security Agency?), but the point is that the Dead Cows exposed the flaw. "They went to the manufacturer," adds Price, "and quietly said, 'You have a problem, and we're telling you so you can fix it before bad people exploit it'. Microsoft replied, 'Thank you, we'll fix it', and ignored it."

VDU
You can go to a black website and get a simple script for attacking systems


So the Cult of the Dead Cows went public to shame Microsoft into fixing the software. It's still not fixed.
So hackers are consumer champions. They are also ethical warriors. These are the people with a cause, be it environmental protection, dropping the Third World debt or a general distaste for big business. Their tactics are to target enemy websites and disrupt them, spoof them or shut them down altogether. This is what has happened to the World Trade Organisation's site a number of times; to ethical hackers, a body such as the WTO deserves whatever trouble they can cook up for it. In other words, ethical hackers feel morally justified. One of their preferred methods is the 'denial of service' attack, which involves a large number of computers hitting the target website at once. This, in effect, denies service to everyone else. It's a bit like a virtual sit-down protest, which is how the hackers might like to see it. Or, as Blaine Price says: "The internet is like a public road, but anyone can instantly create a million virtual cars and intentionally block all the roads until you can plough them out of the way."
Denial of service attacks can be effective, but it's hard to see what point anybody is trying to make by hitting the bookseller Amazon.com, other than simply proving that they can. And if that's the case, if reveals a curious fact about hacking: it doesn't actually require much skill. "You can go to a black website and get a simple script for attacking systems," says Price. "They're not necessarily smart people. They're just following a recipe."
How this contrasts with the general perception of computer hackers as wayward geniuses or digital gunslingers. According to Price: "The media glorifies them in a way by giving the impression they're more intelligent than the people writing the systems." In fact, all the other hackers refer to them as 'crackers', because they crack systems, and in this sense, they are little more than vandals. But because they don't carry spray paint, the person on the street can't readily understand it. Their handiwork has a hint of mystery to it, and so we get the over-wrought news headlines.
Still, just as one sort of vandal might derail a train, could this sort also cause real and lasting damage? Maybe, but if the worry is for nuclear missiles to start flying, or financial markets to crash, fear not, for these are scenarios fit only for Hollywood. On the other hand, much concern surrounds the safety of using credit card details over the web. There was a case in America recently where a hacker broke into a website and stole thousands of card numbers. However, he was soon apprehended, and the truth remains that fraud is more likely to occur when using a credit card over the phone than on a secure website. Businesses at risk have taken to calling on counter-intelligence hackers, hardened computer experts who will test a company's systems to the limit in an attempt to find holes and, if they do, help to close them. A number of methods have also been developed to stop denial of service attacks before they get too serious.
So the establishment is striking back. But there's a catch: effective defences take time and money to install, so compromise is inevitable. In Hack the Planet Microsoft pleads this defence for having bug- ridden software; ironing out every problem would take forever and render the product prohibitively expensive. So we might simply have to accept that holes will exist, and that as long as they exist, there will also be people willing to exploit them, for good or bad. The question remains, though: should we be concerned? "To the level of media hype, no," says Blaine Price. "But people shouldn't be complacent. The biggest problems right now are the script viruses, such as 'I Love You'. Don't trust everything you read on email - and never run programmes provided by a company you can't sue."
TV PROGRAMME Hack the Planet (00.30 Wednesday 6 September & 01.00 Friday 10 November)
OU COURSE Computing: an object-oriented approach (M206)
WEBSITE www3.open.ac.uk/courses


MAIN INDEX

REFERENCE GUIDE

TRANSCRIPTS

GLOSSARY

Chaos Quantum Logic Cosmos Conscious Belief Elect. Art Chem. Maths


O-Zone File Info: Created 8/2/2006 Updated 12/9/2016 Page Address: http://leebor2.100webspace.net/Zymic/hacker.html