“Originally ‘hacker’ just meant people who wrote code,” said Hulton. “And then there came around the term ‘cracker,’ which means people who break into systems. But then they just got melded together after a while.”
Did he think hacking was a fairly prevalent activity?
“I think it’s a lot more prevalent than people realize. Like, on Attrition?” He was referring to www.attrition.com. “Attrition is mainly known for its huge mirror of hacked websites. If a website gets hacked, people usually notify Attrition, and it grabs a copy of the page while it’s hacked and posts it. They keep a record of everything. Last year, they got around 3000 hacked websites mirrored on their page. And that’s only the reported ones. I’m sure plenty more were hacked, but smart people don’t want others to know their systems got broken into.”
What motivates these hackers? I asked Hulton.
“Partly, the thrill of showing their friends, ‘Hey, look what I can do.’ The hackers who are actually beneficial to the community write programs to patch vulnerabilities. Many of them are very well known programmers. For example, you may have heard of the L0pht?” He spelled it, so I would know the second character was a zero, not the letter O, and later I looked it up on the Internet; L0pht Heavy Industries was a noted computer-security firm based in Boston. “They’ve given a couple of talks in front of Congress. I guess Congress asked them how long they’d need to take down the Internet. And they said, ‘About 30 minutes.’ The head of it just got appointed director of research and development at this new corporation. He’s written a ton of really robust programs.”
Simple Nomad was on a par with hackers from L0pht, Hulton said. “He makes tons of contributions to the computer-security community. He finds lots of vulnerabilities in operating systems. You can go on nmrc.org and check out all the things he’s written. He works for BindView.” (That is, BindView Security: Proactive Security Management Software and Services.) “He has a real name, but everybody knows him as Simple Nomad.”
The hacker known as palante was impressive too, said Hulton. “He has won the [Capture the Flag] server award at def con for three years in a row. He makes modifications to the operating system, so that people who gain root on the system are still restricted. It’s really advanced stuff.”
Another hacker who was scheduled to speak in 2000 had no handle; he was already famous as plain old Mike Hudack. “When he was 15, the nsa [National Security Agency] attempted to recruit him,” said Hulton. “He had a website they would visit every couple of days. He’s working for a computer-security think tank now, in Connecticut.” (Later, Hudack confirmed these statements via e-mail from his office at the Knowledge Propulsion Laboratory.)
What was Hudack’s present age? Did Hulton know? “By now I think he’s 17.”
College was on hold for him, presumably?
Hulton laughed — a quick, low-voiced, telegrammatic heh-heh-heh-heh. “He kind of graduated early from high school too,” he said.
How old was Hulton himself? Despite his occasional “like” and “you know,” I estimated late 20s, early 30s. After all, he ran a conference as well as his own business.
“I’m 17. Almost 18 — next year.” No man of the world, he still lived at home with his mother in University City. (His parents were divorced; his father lived in Vista.)
And had he graduated from high school?
“Yeah. There’s a test, the California High School Proficiency Examination. Me and my friend took it on the same day last November and got out of high school that way.”
That friend, Ben Greenberg, was the cofounder of ToorCon and Nightfall Security Solutions, as well as co-inventor of RootWars. But Greenberg would soon leave the San Diego area. “He’s moving to Israel,” said Hulton, “to become a rabbi.”
Would Greenberg be at the upcoming ToorCon?
“Maybe on Sunday. He’s ultraorthodox or whatever, so he can’t be there on Friday night or Saturday morning. So he handed the whole thing over to me.”
When I got off the phone with Hulton, I called one of the people scheduled to speak that year. Like Hudack, Ron Gula used no handle. A 31-year-old communications-systems engineer, he had been trained by the United States Air Force; Gula, along with his wife, was cofounder of Network Security Wizards of Columbia, Maryland, and ToorCon was paying his way to San Diego.
“Yeah, hire a thief to catch a thief,” Gula conceded. “One of the main things Security Wizards does is reverse engineering of the hacker technique.” Beyond that, however, he hesitated to differentiate between good and bad hackers. “I personally don’t like to classify people. Traditionally ‘white-hat hackers’ are the good kind, and ‘black-hat hackers’ are bad.” Lately, however, he said he had been hearing the term “gray-hat hacker.” He had also heard people allude to black-hat hackers without really saying they were bad. “They just mean ‘very talented.’ Someone will say, ‘Well, nobody could break into this system except maybe a black-hat hacker.’ But that’s just lingo. None of it is well-defined. Some people consider hackers to be merely interested in how things work, like auto enthusiasts who soup up old Ford V-8 Mustangs. You’ve heard of the whole cracker-versus-hacker thing? But is a cracker a virus writer or what? It’s hard to say.”
And whom did Gula expect to be in attendance at ToorCon? This would be Gula’s first ToorCon, so that was hard to say too, except that the conference had been described to him as a hacker con. He guessed attendees would be similar to those at def con, where “50 to 75 percent — maybe more — have high-paying, commercial jobs.” Others who didn’t were looking for jobs. Hackers, he said, were increasingly being hired by corporations and institutions who realized they were vulnerable to attack and who knew that hackers were the people who could protect them.
Hacked by Doctor Nuker
Founder Pakistan Hackerz Club
Kashmiris are NOT Terrorists