July 31, 1998

Hacker Convention Takes On a Corporate Tone

LAS VEGAS -- "Dark Tangent," the founder of the annual hacker convention known as Def Con, isn't the arch-criminal you might expect, stealthily breaking into corporate America's most private systems. Instead, he's having corporate America over for lunch -- and its managers are paying handsomely for the privilege.

Christine Thompson / CyberTimes

The sixth-annual Def Con opens Friday in Sin City, and some 2,000 rowdy hackers and their groupies are expected to attend. But on Wednesday and Thursday, Dark Tangent -- whose given name is Jeff Moss -- hosted a conference and buffet lunches for a different crowd: 350 representatives from Fortune 500 companies, the military and law enforcement. Each paid $1,000 to hear hackers share their technical secrets.

"It's very fruitful," said Robin Hutchinson, a serious and clean-cut senior manager of electronic commerce for Ernst & Young, the accounting firm, which sent 11 computer professionals to the conference. "They've pulled together people who really know their stuff."

The phenomenon of leading members of the hacker underground sharing their expertise with the government and private industry is not new. A group of hackers from Boston even testified in front of a Senate committee earlier this year, reporting that the national infrastructure is vulnerable because of computer security flaws.

However, it has only been in the last year that hackers and potential hackees have come together at Def Con, which was once the domain of a close-knit group of anti-establishment ideologues -- rebellious both in attitude and attire. That faction will no doubt be in attendance when the real Def Con starts Friday, and some of them will be critical of the commercial tactics of their generally older (as in 30-something) colleagues.

But the drift towards corporate style was obvious at the prelude to Def Con, which looked like a convention of accountants or appliance salesmen. Attendees even wore name tags with actual names written on them instead of hacker monikers like "Mudge" or "Se7en." The talks were highly technical, featuring plenty of abbreviations (VPN, SNMP, GSM) that would be meaningless to non-engineers.

The clearest signs of the times may be the T-shirts Moss designed for this year's Def Con. On the back, they read, "I miss crime." Moss said the slogan narrowly beat out the runner-up: "Def Con VI: The Security World Sellout Tour."

Moss said the shirts' message is thick with irony. He said he is well aware that hackers -- once accused of thwarting law enforcement and threatening corporate America -- have increasingly turned to cooperating with companies and selling their services. In fact, when younger hackers accuse Moss and his more seasoned hacker colleagues of going corporate, he replies: Damn straight.


'Rate Your Representative' Sites Illustrate Voting's Complexity

New Anti-Pornography Measure Could Pass Constitutional Test

Business Technology
Microsoft Co-Founder to Buy 90% of Big Cable Company

France to Sell up to 30% of Thomson Multimedia

MCI Reports a Decline of 30% in Net Income for the 2d Quarter

Moss, a clean-cut 28-year-old who looks the antithesis of the stereotypical hacker, said the truly dedicated hackers plied their trade in search of knowledge about computer systems, not to cause trouble. Now that corporate America is paying attention, Moss figures his subculture may as well capitalize on the fact that hacker interests are mainstream. Attendance has tripled since the first conference a year ago.

"The computer problems are what's interesting," said Moss, who added that he is not interested in limiting himself to working within the hacker community. "I don't care if it's kids we're dealing with, or AT&T."

On Friday, Moss will be dealing with the "kids" again, and he will undergo something of a transformation. He said he will shed his sweater, don a T-shirt, grab a drink and relax. Even the setting will change. The Wednesday and Thursday conference, called the "Black Hat Briefings," were held in the Caesar's Palace on the famed Las Vegas Strip, whereas Def Con will be held at a hotel in the lower-rent downtown area called the Plaza.

The reason, quite simply, is that the Def Con hackers aren't welcome at most places in Las Vegas. Over the years, they've applied their intellectually devious talents to pernicious ends, hacking into casino Web sites and elevator systems, and, one year, ripping dozens of smoke detectors from the ceiling of a hotel hallway.

"Two years ago, I would have been figuring out how many sea flares to bring to put into swimming pools and fountains," said Christian Valor, who goes by the name "Se7en" online. "I would have been figuring out how much mayhem I could create."

These days, though, Valor won't even hang around for Def Con. He came only as a guest speaker to share his experience as a former "phone phreaker" -- someone who breaks into telephone systems -- with law enforcement and military personnel. Valor spoke not at the Black Hat Briefings, but at a second conference of the hackers and the hacked -- this one with 40 attendees who paid $800 for the two-day affair.

CyberTimes Special
Hackstock: A Reporter's Fact-Finding Mission

Valor said he once took great pride in being a part of the hacker underground, but he said he had recently turned 30 and did not have time to play around anymore. "I have to pay the mortgage, I have a car payment," said Valor, who said he'll earn $90,000 this year as a consultant.

"There's been a changing of the guard," said Valor, inhaling a Marlboro Light. "If these young guys want to take over the world, let them. We're too old."

That said, Valor planned a late-night get-together with fellow hackers Thursday to discuss how to talk their way into getting free hotel stays, airline tickets and first-class upgrades. Which is to say that the real business of Def Con may have just begun.

The opening conference "was like going to a university class," said Hutchinson of Ernst & Young. Def Con "will be like the frat party," he said.

Related Sites
Following are links to the external Web sites mentioned in this article. These sites are not part of The New York Times on the Web, and The Times has no control over their content or availability. When you have finished visiting any of these sites, you will be able to return to this page by clicking on your Web browser's "Back" button or icon until this page reappears.

Matt Richtel at welcomes your comments and suggestions.

Home | Site Index | Site Search | Forums | Archives | Marketplace

Quick News | Page One Plus | International | National/N.Y. | Business | Technology | Science | Sports | Weather | Editorial | Op-Ed | Arts | Automobiles | Books | Diversions | Job Market | Real Estate | Travel

Help/Feedback | Classifieds | Services | New York Today

Copyright 1998 The New York Times Company