Embed Size (px)
Citation preview
TO CATCH A~'
\.
participants: top.M006969; below.Razor
I'M IN A rental car with acouple of beefy computerhackers headed for the LasVegas desert. The guy at thewheel looks like a cross be-tween Jerry Garcia and an agingRambo. In the trunk is a Russ-ian-designed, Chinese-madesemiautomatic rifle, several9mm semiautomatic handgunsand enough ammunition towage an assault on a casino.
Two motorcycle cops are cir-cling back, accelerating towardour car. Rambo is muttering. Hewanted to eat breakfast at Taco
___ Bell but we preferred McDon-ald's. There was a last-minute lane
~ change, and the cops are pullingCIl us over. Rambo gets out slowly,
leaning heavily on a wooden cane.
His straggly gray hair is so long itnearly covers up the words on theback of his T-shirt, "Hard GlockCafe." On the front of his shirtthere's a picture of the Glock hand-gun, right there for the officer tosee.
Rambo can't find his registra-tion. He's tearing through theglove compartment, the backseat, the sunglassed motorcyclecop watching every move. Whatif he asks to look in the trunk?
If the scene sounds strange,consider this: Rambo and theguy in the seat next to me arepremier corporate hackers,technical top guns who earnhundreds of thousands ofdollars to attack giant infor-mation systems and find
Top. Dr. Nick; below.Artimage
Top, A.J. Effin Reznor;below, Priest
Top, Richard D.Thieme; middle, Real;bottom, Vanna Vinyl
Top, Vanna Vinyl;middle, Opiate;bottom, Sin
vulnerabili-ties. To under-stand how theguns and copsfit in, you needto know whatdrew these hack-ers to the desert.
Last night, DefCon V blasted off,the fifth an n ualgathering of com-puter hackers, phone
phreaks, programmers, futurists and civil lib-ertarians. I'm a three-timer, a veteran of thefirst Def Con in 1993, attended by perhaps 50mostly scmffY youths at the Sands Hotel &Casino. Since then, Def Con has grown twenty-fold, leaving in its wake damaged hotels, color-ful arrest records, and growing interest fromcorporate executives and major media. This year,
as usual, itwas a stmg-
gle to find ahotel willing
to host theevent.
But Def Con isdifferent this
year-and not only because1,000 people have come, andABC's "Prime Time Live" isfilming it. Kids with backwardbaseball caps still show up, butnow so do the major lea-guers-guys like Rambo, whoworks for IBM. And morethan a few of the longhairsand kids with dyed do's atthe conference are earningsix-figure incomes forhacking or programming,
Top. Acid Angel: mid-dle. Commander
Crash; below. RichardD. Thieme
HACKERSwithout the benefit of a college ed-ucation. Hacking isn't just cool. It'salso profitable and, increasingly, re-spectable.
Tiger huntComputer: security is big busi-
ness and a growing worry for corpo-rate and government types. In a re-versal of company policy, Microsoftsent senior staffers to Vegas to breakbread with hackers (I'm speakingliterally: Microsoft picked up a$600-plus restaurant tab at the glitzyNew York, New York hotel and casi-no) and attend briefings with hack-ers skilled at finding bugs in operat-ing systems and software. Represen-tatives from Cisco Systems Inc.,Goodyear Tire & Rubber Co., IBMCorp., the Army and the NationalSecurity Agency made the trip, too.
And no wonder. Recent head-lines and studies suggest computersystems are more porous than everand attacks are on the rise. Earlierthis summer Mountain View'sNetscape Communications Corp.was embarrassed by a hacker whodiscovered a major bug in its brows-er and then demanded hushmoney-or he'd go to the mediawith the flaw. San jose's Netcomwas taunted by a teenager who re-vealed to the press that he'd beeneavesdropping on the Internet ser-vice provider's voice mail since hewas 13. Web sites have become fa-vorite targets of the computer un-derground, and in the last yearWeb pages at the Justice Depart-ment, CIA and Air Force have beentampered with.
"Half of all reported break-insare what we call hit and run attacks,graffiti attacks," says EugeneSchultz, director of SRI Internation-al's information security consultingpractice in Menlo Park. "The goal isdisruption or destruction." ButSchultz and others say these mostlyamateur attacks are part of a broad-er problem. A 1997 ComputerCrime and Security Survey by theSan Francisco-based Computer Se-curity Institute, with the assistanceof the FBI, found that corporate fi-nancial losses from computer secu-rity breaches are common. Seventy-five percent of the nearly 250 orga-nizations that responded to the sur-vey reported financiallosses-everything from financialfraud to theft of proprietary infor-mation, sabotage and computer
WEST 10 AUGUST 10.1997
The lobby of the Aladdin's casino isfilled with young hackers-some ofwhom try to use their computers to
beat the casino.
iT Hp\SBECOME Hp~RO
TO FiNO p~HOTEL
TO HOSTOEF CON iN
Lp~S VEGp,S,p, C iT'1 T HAT
~~~ELCOMESPORN
CONVENTiONS.viruses. The estimated total losses:more than $100 million.
"Network security was badenough' before electronic com-merce," says Richard Power, direc-tor of the Computer Security Insti-tute. "Then companies openedtheir enterprises to the Internet."Power recommends companies testtheir security by hiring IBM, SRI In-ternational and other reputablefirms to do "tiger" or penetrationtesting. Think of it as like paying aprofessional safecracker to breakinto a bank vault: Experts try anumber of methods to hack into acompany's computer network, andthen prepare reports showingwhere weaknesses lie. "It providesempirical proof of a company's se-curity or insecurity," says Schultz,who heads a 14-member tigerteam. "In other words it's a wake-up call to management."
Security checkups range from afew thousand dollars to check a sin-gle network server to hundreds ofthousands for enterprise-wide,months-long investigations. Toppenetration experts earn more
than $200,000 a year. Although ex-perts warn against hiring hackerswith a criminal past or under-ground connections, people whofit tl1e broader definition of hacker(clever programmers who don'tknow the meaning of impossible)and computer security profession-als are meeting, comparing notes,finding new common ground andcareer opportunities.
"I used to look at these confer-
ences as events for kids in black T-shirts," says Michael Hanis, a vicepresident of information technolo-gy security consulting at WellsFargo Bank in San Francisco. "NowI think of it as a nice quality-testingenvironment for improving soft-ware."
Beyond the pranksIf you're wondeling what Def
Con stands for, the term, as every
hacker knows, is prominently fea-tured in the classic hacker flick"WarGames," and is short for De-fense Condition, militaryjargon forhow close we are to nuclear war.
Def Con I nearly capsized whensecurity at the Sands Hotel & Casi-no booted out three 17-year-oldstrying to sleep overnight in themeeting room. Hackers consideredgetting even: An attendee offeredthe conference's promoter the
password to the computer that ranthe casino's operations. Fortunate-ly,he turned down the opportunity.
At Def Con II, the favorite gamewas "spot the fed": vying to identifyFBI agents, Secret Service men andNSA spooks who study, record andfilm the computer underground.Routine pranks have includedmessing with hotel phone switchesand video checkout systems. (Spir-ited sorts removed parents' blocks
on X-rated tare.) One year some-one yanked a fire alarm out of theceiling, dropped it in an elevatorand pressed the down button, rip-ping out a floor of cables. In 1995,a couple of hackers downloaded1,700 credit card numbers fromTower Records to show off at theconference. They went to Def ConIII all right, and returned home tofederal prison sentences.
Last year, female Def Con atten-
dees-a growing contingent-began playfully whipping one an-other, until hotel security burst intothe meeting room. Dark Tangent,the clean-cut 27-year-old promoterof the event, was ushered out of theMonte Carlo Resort & Casino be-fore guards could find him. He hidin another hotel until it was clearhe wasn't a wanted man.
It has become increasinglytough to find a hotel to host the
AUGUST 10.1997 11 WEST
HACKERSsummertime free-for-all in LasVegas, a city that welcomes pornconventions. Last summer, theMonte Carlo faxed virtually everyother hotel in town about thevolatile conference-goers. This year,Dark Tangent found a home in thefading Aladdin Hotel/Casino byvirtue of a hacker-like trick: Hemodified the name of his Seattlecompany to DC Communications.
The hacker ethicBut the fifth Def Con is more
than a series of goofYepisodes andpranks. This year the conferencerose above its amateur roots andcelebrated the creative hacker, thatsymbol of everything wild andfrightening in technology.
WEST 12 AUGUST 10.1997
"Here's how it works," the long-haired individual who shall go un-named tells me between slugs on afoot-tall plastic beer glass shapedlike Aladdin's lamp.
I've clocked maybe three hoursin Vegas, and I'm already facedwith one of those prickly hackerdilemmas, the nebulous gray areawhere establishment ethics andelectronic exploration collide. Is hetalking about a crime or a cleverhigh-tech dodge?
"Youhit 9 and then zero on thephone," Longhair continues, de-scribing how to get an outsidephone line. Then, he explains howto theoretically do something thatmight capitalize on an allegedglitch in the hotel's phone switchand save you the hotel's 75-cent ac-cess fee.
Another guy at the table, whohas wrapped a softball-size wad oflunch meat in napkins, has a moreprimitive approach to hacking. Heplugged his in-room safe into thewall outlet to try to evade payingthe $2 a day fee, an experimentthat did not go quite as planned."His safe is not working," saysLonghair with a chuckle, addingphilosophically, "Sometimes youhave to break a few things."
Two tables away,Paul Leach, anarchitect in Microsoft's WindowsNT group, chews on his lunch. Hehas come for "Black Hat Briefings,"a relatively tame pre-Def Con eventdesigned for corporate and govern-ment officials willing to pay $1,000for two days of talks witl1 hackers.In a session yesterday, a hackernamed Mudge pummeled Leach
with alleged password weaknessesin Microsoft Windows NT. Mudgeclaimed that in little more than aday he could crack all the pass-words of a 40,00O-employee corpo-ration.
Leach doesn't mind being inter-viewed, but like most corporatefolks here he seems to have forgot-ten his business cards. So far, nearlyevery corporate-government typeI've talked with offers only a firstname. As at a 12-step recoverymeeting, it's unfashionable to betoo nosy. I learned this when 1 meta fellow who said he works for theintelligence community.
"Which one?" I asked."Let's keep it a community," he
said with a smile.Paul Leach says he's cool with
true hackers. "It serves as a de facto
review," he says, "as long as theyfollow the hacker ethic and tell thetargets before they reveal thebugs."
Hacker ethic? It's a term that'sbeen kicked around for decades,and it means something differentto the guy at Microsoft than to theguy who just hied his wall safe. Itall depends on where you get yourmoney. If you're hacking for thefun or challenge of it or gettingpaid by a corporation or the gov-ernment, you're probably follow-ing the "hacker ethic." Criminalenrichment, motives of revenge ormass destruction-e.g., majorcredit fraud, Web site slamming,erasing your former employer'sbilling records-generally don'tqualifY.
So who does Microsoft Man
The audience, including DeadAddict, an earlier speaker hereperched on a table, listens to one ofthe convention speakers.think are the true ethical hackers?"Mudge, Hobbit, Yobie," Leachanswers, sounding as if he's nam-ing characters out of Tolkien.Hobbit divides his time betweenresearch and consulting in com-puter security. Yobie Benjamin isthe chief knowledge officer ofCambridge Technology Partners,a consulting firm. Mudge has thecoolest job description listed inthe conference program: "Mudgeworks for a 3 letter org-dnizationthat deals heavily with security,cryptography and various other in-sundary [sic] fun projects." Thetrio is well known among thecyber-elite for uncovering andpublicizing bugs-frequentlythose found in Microsoft software.
Which naturally leads Leach toexpress his main concern: Exces-siveethics, like anything overdone,might be a bad thing. "We mightget a reaction that borders on hys-teria, like the electromagneticpower lines problem," he says,gri-macing. "The reality might be farless dangerous than the hype. "
After lunch, Hobbit, who isshort and very smart and wearinga psychedelic shirt, is telling aroom crowded with corporate andgovernment types that puttingdata on a Microsoft network isabout as safe as walking down abadly lighted city street alone. "Itturns out the. best attack is to walkup to the door and twist theknob," he says. "If the front attackdoesn't work, you can try.... "
Leach arrives and Hobbit con-tinues his rdnt. "Ifit [the software]does anything it's useless.... Oncein, you can do a whole lot of nastythings, remote administration,viruses .... "
"Hobbit, this is wrong!" Leachshouts, jerking his hand up with-out peeling his eyes from the tech-nical paper Hobbit has distrib-uted. The outburst stirs murmursin the back row. "I'd like to try tohold the questions until later."Hobbit coolly announces.
Mudge brushes aside his locks,taps my wrist and whispers with agrin, "This is brand new to Mi-crosoft. He's showing how tobreak a [Microsoft] fix." Mi-crosoft, to the hackers' delight,seems to be finding that patchingbugs in its software is like trying to
CONTINUED ON PAGE 24
POOL SALEANY
SHAPEOnly
~15,500*Any' Shape 3 ft. to6 ft. Deep Up to80 ft. Perimeterand 400 sq. ft. . '"
'Includes Real Brick coping Z.
N0 ~!!~!~~ni~ESI~~p ~~~~~!~~~nconstruction from deep end of poolDown .AII!ool pions, permits, to equipmentan sales tax • Deluxe shallow-endPayment . Pool excavation from stepsshallow end • 80' Elec. w/time clock
100% Financing • 2 HP energy • Underwater lighto A (,,0 efficient pump • FIBERMESH'"gunite• • • "O\ll;;,,\). 350 sq. ft. cartridge
rc."O\llp filter applicationFREE • 6" of beautiful • Maintenance kit
ESTIMAJES ceramic tile • REALBUllNOSE• Two coats white plaster BRICKCOPING
7 Days a Week
Come see our display 0' poolsGILROY/MORGAN HILL
636-1505LOS ALTOS/MTN. VIEW
493-7926
1495 S. Winchester Blvd.(1/4 mile N. of Hamilton) San Jose
866-6893Northern California's largest pool builders
Single? ch~~~hat!If you are eoLfege-eOucated, ready to/ind the rightperJOIl alld drop out of the dating Jeme /ore"eljcall IIJ for more in/ormatioll.
At Perfect •• Match• We stand behind our performancewith a money-back guarantee.
• We work with our clients until theyare matched.
Perfect~ Match(510) 947-6006
Offices in Walnut Creek and Sunnyvale
WEST 24 AUGUST 10.1997
HACKERSCONTINUED FROM PAGE 13
plug holes in a sieve with asingle finger. Leach is silent,nervously popping a penback and forth in his handsbehind his back.
"Does Microsoft want tobe wide open?" Hobbit rubsit in, using slides to docu-ment supposed weaknessesin how Microsoft protectspasswords. "Microsoft is nohelp, so who's going to dothis? Security people andhackers."
Hobbit goes on: "What ifthe Big Six [accountingfirms] start disrecommend-ing these products? It mighthurt their wallets." As thecrowd applauds, Leachrushes up to Hobbit. But it'snot the angry confrontationyou might expect. Leachsimply wants to whip his lap-top out of his briefcase toprove Hobbit is wrong onsome claims. Hobbit is con-ciliatory. "I apologize if thatsounded abusive at theend."
At Def Con, hacking Mi-crosoft approaches perfor-mance art, with peoplecompeting to outdo one an-other. Later that evening, Icram into a taxi with somehackers. The guy in thefront seat starts spinningdials and punching keys ona small electronic device.
"What's that?" the cabdriver asks.
"It's a scanner," hereplies.
"How much?""Three bills."Seconds later, the taxi's
frequency crackles throughand the cab driver laughs atthe sound of his dispatcher.The hacker pivots and getsin my face. "You can't printour names, all right?" Aminute later, he's switchedfrequencies and pulls thetiny microphone to his lips.
"We've had some prob-lems with Paul Leach," hesays in a serious voice. "Weneed to run a check onhim. What's his room num-ber?"
"Who's he talking to?" Istupidly ask my seatmate.
"Security at the Aladdin,"he deadpans, as the other
riders laugh wildly.Merging vviththe enenlY
Minutes later, we've got atable at a Vegas facsimile ofan English pub, brimmingwith fish and chips, lagerand nearly a dozen hackersand hangers-on. A clean-cutguy who looks as if hestepped out of a '70s frathouse pulls up a chair andorders a beer. He's Fred tothe hackers. Fred works forthe accounting firm PriceWaterhouse.
"I do penetration andprobing," he says beforeapologizing to one of thetwo women at the table.Fred loves Def Con. "Some-times it's over my head," headmits, "but I come backwith great stories for mytalks." Fred had barelywalked into his first Def Conconference a few years backwhen someone pointed athim and shouted, "Fed!"Fred said, foolishly, that hecould neither confirm nordeny the allegation. "What amistake!" he says now. "No-body talked to me for therest of the conference."
Chris, a twentysomethingDefCon veteran, iswarmingto a leggy, dark-hairedwoman from Santa Cruzand talking about the com-mercial prospects fortoday's top hackers. One ofFred's competitors "offeredme 170 grand a year, six toseven weeks' vacation,"Chris says, flashing plasticfangs. "Fifty percent of mytime can be spent on re-search." He grins as helingers on the words, hishand working up his com-panion's thigh.
Back at the hotel bar, Ihave a drink with one of thehackers I met at the pub.Mter he's carded, he tellsme his story, the one he'shiding from his fellow con-ventioneers. Upon gradua-tion six years ago-fromhigh school, of course-hein terned for Microsoft.Soon he was consulting. Mi-crosoft never suggested hefinish his degree and hedidn't see the point. He'shappily married now with akid, and just signed onto
the Mother Ship, confiden-tiality agreements up thewazoo.
Microsoft wouldn't betoo happy about his attend-ing Def Con, he says, twist-ing his backward baseballcap. He has a handle in theunderground and knowsm;:yor vulnerabilities in Mi-crosoft software, but nowhe's got a hefty salary andstock options he figures willmushroom to a third of amillion in a few years--wellbefore he's 30. The newestMicrosoft Man, famous fornot sleeping through theentire hacking convention,sighs, his puppy dog eyesmelancholy. "This is proba-bly my last Def Con."
A povver issueFriday afternoon, the
convention yawns to life, thegreat hall thick with teenageboys sprawled out on thefloor tapping on laptops,and earringed vendorshawking T-shirts with slo-gans like "Microshit. Be OurSlave," or "Big Brother In-side," and used cell phonesat $10 apiece. The usualparanoid books are forsale-"How to InvestigateYour Friends, Enemies andLovers."
Since yesterday I've beentrying to corner this plat-inum blond, sunglassed,major-pumped dude by thehandle of Route. He editsPhrack, a popular under-ground 'zine, and from theofficial Black Hat program Iread that yes, he performs"tiger team analysis of cor-porations." I've checkedwith Mudge and others whogive the Walnut Creekcoder a thumbs up talent-wise, but Route is hard totrack down.
Now that the legions ofhackers, wannabes andleather and chains have ar-rived, the media have, too.The longer or more neonthe hair, the more journal-ists line up to interview andtake photos.
Finally, I spot Route'schiseled form, and ask himif he's got a minute. But he'sstriding fast. "We'll talklater," he says with a wave.
0;6.
I
Some Def Con participants launch a balloon near the Air Force's top-secret "Area 51." After anearlier prank, a fighter jet scrambled from the airbase to check the radar disturbance.
"ABCis waiting."An hour later, I hop in
the front seat of a hacker'srented white convertibleMustang ($170 a day, plusinsurance) and we cruiseinto the cartoon backdropof the Strip: three hackers,myself, and a female re-porter squeezed between acouple of hackers in back,positioned on the trunk likea girl in a parade. Rich, a 23-year-old with a strut whodoes the suit thing at amajor New York bank, ex-plains what makes Bob-the clean-cut tiger testernext to her-so cool.
"He's God. When a hack-er breaks in he leaves a sig-nature. Bob finds that signa-ture." The female reporteris impressed. "It's rad," Richsays, cranking up the JonesGirls' "Nights Over Egypt"until we feel the bass. "He'sthe best."
At the fashionable Mi-rage, we stroll over to arestaurant table and thesubject is starting your owncompany. "I have peoplelined up to give me money,"Bob says,already the benefi-ciary of one public offering.His face glows as he de-scribes the benefits offounders' stock.
"Watching 10 of yourfriends become million-aires," he says quietly, "is a
quasi-religious experience."Rich tosses up a companyidea and Bob shoots it downlike a target in a video ar-cade. But the kid bouncesback. He floats his otheridea for a company, and thistime Bob is impressed. "I'vegot the same idea," Bobsays, pausing dramatically."Add one piece and youhave the potential to takeover the world."
Rich grins broadly andorders his steak medium.But all the talk of easy hack-er money doesn't kill thedarkest fear of even the besthacker. Somebody new is al-ways hoping to bump you."I love what I do," Rich, whowas once known as MasterChemist, says earnestly. "Ianticipate I'll be doing it tillthe day I die. But I'm wor-ried about the kid in theninth grade. By the timethey graduate [from highschool] they know access."
"You're saying that soonthese kids will be the equiva-lent of unskilled labor," Bobsays.
"I'm saying someday I'llbe old and slow."
Bob tells him not toworry. "The people they'returning out [from school]are idiots."
So what, then, doestoday's earnest young hack-er need to get ahead? To
make it as a corporate hack-er, my lunchmates say, allyou've got to do-alongwith being a crafty coder-isknow the computer buzz-words and fudge your re-sume-usually by lyingabout your age.
Rich says, "My job be-fore-I can't say the namebecause I'm under an NDA[non-disclosure agree-ment] , I got it through abody shop [a computer con-sulting firm]-I was theCIO [chief information offi-cer]. I told them I was 28."
One thing these guyswon't lower themselves to isa programming test. "It of-fends my sensibilities," Richsays. His line when he'sswitching body shops?"You're not going to makeme fill out a form, are you?"Nick is a slick, cigarette-puff-.ing 18-year-oldNew York so-phisticate known for don-ning several thousand-dollarItalian suits at Def Con; hewas featured as "Razor" in aDetails magazine article onhackers. He says simply:"You walk in and say yournumber [hourly rate], andif they don't want it you walkout." "Because I am thatNinja," jives Rich, addingwith a chuckle: "I am mis-sion critical. "
Outside, artificial mistcools the broiling desert air
Abraham Zachariah, M.D.Certified by the American Board of Cosmetic Surgery· Full fellow AmericanAcademy of Cosmetic Surgery. American Society of Liposuction Surgery
I CISMOIC SURGERYI..,ith Care &AUenl;ionTo Detail• Breast Enlargement• Liposuction• Laser Skin SurfaCing• Laser Hair Removal (painless)• Facial Cosmetic Surgery
& more
K Take the Bite Out of AgingNU-DERM' Nu-Derm Cream Program is,·,"ON,", 'N"'N "',,", designed to provide lighter,
smoother, healthier, younger lookingskin regardless of age, color or skin type.
The Most Up-To-DateIn-Office Surgical FacilityIn The South Bay .
Call For Your Complimentary Consultation
408-374-9092555 Knowles Dr. Ste.117 L.os Gatos
MANTELSFor every fireplace
CABINETRYFor every room.
WOODMASTER DESIGNSCustom woodwork at factory prices.
Factory showroom: 30489 San Antonio St., HaywardM-F 9-5:30/Sat. 10-2 • 510-487-1706
We conSUlt, measure, pre-finish, install
cf:.n~/£, successful?
htractive, selective?
cfimply too busy?
~.../tJ~
rit specialize in openingdoors to new relationships
Making Matches Since 1984
Jill Kelleher
KELLEHER &ASSOCIATES
408 255-4111415332-4111 • 510938-4111
AUGUST 10,1997 25 WEST
------- -------
You can experience the ultimate inaward-winning luxury in a Lifetime Pool
• We put YOU as Our #1 Priority• We have 35 years experience in
swimming pool building!• We have a solid reputation for
consistent, quality construction.Old Pools Made to Look New ...Ask Us How
San Jose: (408) 248-9711
Fremont: (510) 795-7070
Sunnyvale: (408) 738-1576
Palo Alto: (415) 494-7070
WEST 26 AUGUST 10. 1997
HACKERS
as we wait for the valet tobring the white Mustang.Talk turns to the chains,spikes and leather that areso much a part of DefCon, the celebrated hack-ers who openly flaunttheir fondness for S&Mand bondage.
Rich explains it: "Hack-ing is a power issue," hesays, waving the tip he'sabout to hand to the valet."People need you."
In full svvingSometime after 9 p.m.,
the conference officiallykicks off with HackerJeopardy. ("He wore afrilly dress and was incharge of the FBI." "Whowas J. Edgar Hoover?")Panelists who err mustgulp down a swallow ofbeer.
The sign that Def Con isin full swing is the arrival ofhotel security. Minutes afterstepping from the podium,the Chris I'd watched work-ing his girlfriend's thigh istaunted. Some guy sneersthat it's too bad about whathappened to his "boxes,"hacker rap for an attack onhis computers that cost himthousands of dollars. Chrisspits, and the taunterpunches--from behind. Se-curity beams down andthen a polished San Francis-co lawyer hot to representhackers negotiates on be-half of her "clients." Shequickly defuses the situa-tion: They get banishmentfrom the hotel, no jail, nofine.
The female factor at DefCon is proof that hackersand computer security arenow cool. I interview twoprofessional women from aBig Six accounting firm.One is a CPA, the otherworks in computer security,"trying to gain more knowl-edge to protect clientsagainst unwanted intrud-ers." Just how different isthis from past conventions?Let's put it this way: Attrac-tive women without bodypiercings didn't go to DefCon. As one veteran hacker
THE FEMJ\LE
Fp,CTOR p,T OEF
CON IS PROOF
THp,T Hp,CKERS
ANO COMPUTER
SEC URI r~P, R E
NO~' COOL.
puts it, shaking his head,"What is it with the babes?"
I introduce the Big Sixaccounting women to an-other Chris, one of the na-tion's premier tiger testers,and a former member ofthe notorious Legion ofDoom hacker gang. Chrisand two fellow tigers join usfor a little dancing at TheDrink, Vegas' hottestnightspot. These guysthump confidence. One ofthem-not Chris--has thisthing where he touches apart of nearly every well-pro-portioned woman whosaunters by,bare midriffs, el-bows, hair. I keep expectingsomebody to slug him, butthe women don't evenreact.
Handguns andhired guns
The desert and moun-tains stretch before us,downtown Las Vegas just amirage. The cops didn'tlook in the trunk, and theydidn't find the guns. Andafter grumbling about the$150 fine for the illegal tumand missing registration,Rambo is ready to move onto more critical matters. Hepasses the empty reservoirthat our directions said wasa lake. At the sign that says,"Wild Burros. Do not feed
or harass. $25 fine ANDTHEY BITE," he hangs aleft on a dirt road tonowhere.
A rock clangs againstthe car's underbody andRambo winces as the carwobbles like a toy boat ina tub. A mile or so later,Rambo pulls over amidcactus, brush and dirt.
As the second car inour group lurches to ahalt in a cloud of dust, theweapons emerge: a .357Smith & Wesson, several9mm semiautomatichandguns, and, of course,that Chinese-made semi-automatic rifle. No one issure whether this is wherewe were supposed to goand whether it's legal, buthey, it's fur enough off theroad, a hill makes for asafe backdrop, and there'sall that ammunition in thetrunk just waiting to be
fired.A few minutes later, I'm
walking through the desertshaking up diet root beercans and sticking them onboxes. Shadow, a bulky kidfrom Fremont in jeans anda green canvas shirt, joyfullyexclaims, "1 love destroyingdiet root beer!" Rambo, histwo 9mm handguns hol-stered, and his earmuffshanging around his neck,repeats the rules of fire,looking into the eyes of theshooters as he finishes witha simple non-negotiable de-mand: "No assholes." 1 takeup position 15 feet behindthe hackers, with Shadowand a couple of other unfor-tunates who don't haveguns.
"Load and make ready,"Rambo orders.
The chambers click in,the earmuffs slip over. Isqueeze my eardrums tightwith my fingers.
Rambo's first shot ex-plodes a soda can, sending aplume of root beer skywardand launching respectfulcheers from the peanutgallery. Pap, pop, pap, go theguns, interrupted by an oc-casional schwiiiiiing as a bul-let ricochets off'a rock.
After about half an hourof plugging my ears, I
" ..... giving newhope to those insearch of a buff,hai r- free bod."
WMagazine
The hair removal process that haseverybody talking:
• SoftLightSM Hair Removal system.• Patented laser-based process erases hair
quickly and gently with lasting results.• Call today for a complimentary consultation.
brought to you by
Robert M. Lowen, M.D.Diplomate, Am. Brd.of Plastic SurgeryFellow, Am. Societyfor Lasers in Medicineand Surgery
305 South Drive,Suite 2Mountain View, Ca94040
415-965-7888800-888-7474www.enhanced-you.com.
Certified SoftLight™ Physician
())/ The'u:J&Una/eu#6aa
INTERNATIONAL
One Sansome Street, Suite 2000San Francisco, California 94104
Sillce 1983
WEST 28 AUGUST 10. 1997
HACKERS
squeeze off a round from a9mm semiautomatic andearn some respect by knock-ing back a can of root beer.Rambo arranges a contest,and looks like the winnerwhen he cans his soda in3.34 seconds on his firstshot. But Shadow squeezeslike a pinball wizard andnails his third shot in a blaz-ing 2.13 seconds.
Then it's the grand fi-nale. "What about shootingat Bill Gates?" Shadowshouts. Chip, a joviallBMerwith a hearty belly and a T-shirt that reads, "Life is tooshort to smoke cheap cig-ars," pulls out from the cara target of a mugger wavinga gun, and writes "BillGates" on it. Even BigBluers, it seems, love tohate Microsoft.
The target is destroyedby a fusillade.
"I want to thank you allfor satisfying my personalfantasy," an ecstatic Shadowannounces, "We shot thes-t out of him."
As we get in the car,Rambo suddenly looks fa-miliar. Not too long ago anIBM hacker-one of theworld's premier tigertesters-was featured in amajor New York Times arti-cle. "That was me with myparrot on my shoulder,"Rambo says with a smile."IBM rents me out." Nick(Rambo's real first name)was barefoot in the Timesphoto, shown working fromhis Boca Raton, Fla., home.The self-taught programmeruses Linux, a free programthat is the favored operatingsystem of many hackers.
It all makes sense. Some-how I'm not surprised thatthe guy leading the desertshoot is a highly respectedand well-paidcorporate hack-er, the ideal to which manyDef CAlnattendees aspire.
On the leisurely driveback to Vegas, I ask Ramboand Chip about corporatehacking and their thoughtsabout their amateurbrethren.
"We're $3,000 a day-per person," Rambo says,
"plus travel, plus living."Chip jumps in, "We're bigguys, we eat a lot."
So how does this work?How does one authorizeRambo and Chip to crack amultinational corporation'scomputers? The hackersgive the clients boilerplate"intrusion" agreements andinstruct them to retypetheir legalese on their owncorporate stationery."They're specifically autho-rizing us," explains Chip."It's all illegal" without theagreements. "There are notime limits. They accept allliability. It scares the livingdaylights out of them."
Rambo and Chip consid-er it their job to find pro1:rlems, and thus they oftenfind themselves purveyorsof bad news. It's not for thefaint-hearted, says Rambo:"If they want fairy tales,don't call us."
Nor do they see them-selves as part of some esta1:rlishment crackdown onhackers. "We're not in thebusiness of putting hackersin jail," Chip explains, say-ing playing cops and rob-bers doesn't pay for corpo-rate America. "Leaving yourcorporation at risk [frommore intrusions while lawenforcement investigates]and spending time andmoney with feds is expen-sive." What about BugBusters, hackers like Mudgeand Hobbit? "Anyone whofinds and publicizes vulnera-bilities is good," Chip says."What can you say badabout these guys?"
Before I check out of theAladdin, I'll talk to the hack-er who led a troop in aHumvee out to the AirForce's mysterious Area 51,released a makeshift heliumballoon wrapped with foil totrip the radar, and watchedwith amazement 14'/2 min-utes later when a Navy F-something screamed within500 feet of the provoca-teurs. I'll find the piratehacker radio station puttingon a demonstration of tech-no free speech: Up in a DefCon suite, the pirates arebroadcasting on 99.9 FM,playing swiped local FBI
and law enforcement trans-missions, eerie music andhacker interviews. And I'llsit Nirva down for a chat.Def Con's resident cyborg,Nirva's hair is flamingo pinkand electric blue, a spikesticks out of his lip, steeltwirls from his ears-whathe dubs "projects." He's ,.slowly unwrapping the Acebandages on his wrists as hetells of the operation he un-derwent a month ago, theinsertion of large surgical-quality steel rings under theskin on the top of his hands.
"It's subtly extreme,"Nirva says of his motivationfor making the backs of hishands resemble symbols leftby aliens.
There are plenty offreaks here at Def Can,computer drones who cravethe attention they can at-tract by dyeing their hair orstrapping on leather andsteel. Nirva, surprisingly,isn't one of them. His nameis Danny Dalai and he pro-grams for the Wall Street in-vestment firm D.E. Shaw &Co. After a year and a halfof high school, Nirva en-tered a school for "degener-ates," passed his equivalencyexam in three weeks andwas soon consulting. His fa-ther designs jet engines forBoeing and GE, and hismother "starts companies."Nirvajust turned 20, and hesays that between his D.E.Shaw salary and selling hisown programs he'll makenearly a quarter million inthis, his first full year ofwork.
But I wouldn't bet onthis soft-spoken, articulateprodigy becoming a compa-ny man. Nirva may be theperfect poster boy for theNew Hacker Generation. Ashe covers up his implants,he smiles and says of hisWall Street employers, "I'llbe there as long as theykeep me happy." !II!
JONATHAN JJ7TMAN is theauthor of "The Watchman:The Twisted Life and CrimesofSerial Hacker Kevin Poulsen,"published by Little, Brown.His e-mail address [email protected] .
