August 2, 1998

The Hacker Myth Crumbles at Convention

LAS VEGAS -- Seventeen-year-old Heath Miller has come to his first Def Con hacker convention in full battle array, wearing a black T-shirt depicting a shrieking skull and army-green shorts so baggy they can keep his ankles warm. In short, he looks precisely like the devious computer whiz your mother warned you about.

Kim Kulish/SABA for Cybertimes
A computer hacker who goes by the handle "Etherbunny" dressed in phone companies' clothes (including a Lucent Technologies flag , worn as a cape) during the Def Con 6.0 convention at the Plaza Hotel in Downtown Las Vegas.
So much for first impressions. Miller is an excellent student, hopes to attend MIT and recently placed third in a national science contest with a project that it is not exactly a nefarious bit of hacking: He built a sensor system that lets school bus drivers monitor whether students are wearing their seat belts.

The sixth-annual Def Con is in full swing in Las Vegas, but anyone who came here looking for Public Enemy #1 may want to pack up his dragnets and go home. Turns out that for the most part, this convention doesn't live up to its reputation as a gathering of clandestine, underground hackers plotting to cripple the Pentagon via modem.

Instead, many are here just to party. Others are just young and bright, with creative minds and a passion for understanding computers. Sure, they might spend too many adolescent hours tanning by the light of the monitor, but that doesn't exactly make them the next coming of Hannibal Lecter.

There were some bits of mischief. Several hotel rooms were trashed and windows broken amid the post-pubescent revelry. Also, conventioneers discovered the radio frequency of the hotel security system, then used their own walkie-talkies to request that security personnel be sent all over the building. Hotel security figured out what was happening and ignored the requests.

"Then it just went away," said Joe Gruszka, a security officer at the Plaza Hotel, where Def Con is being held. "Now, every once in a while, we just hear giggling, that sort of thing."

Giggling over walkie-talkies? How can the Pentagon ever expect to protect itself?

This is not to say that Def Con is devoid of more troubling impulses. Many here would clearly like the bragging rights granted to the discoverer of some new hack (known as an "exploit") that can be used to infiltrate critical corporate or government computers. Def Con founder Jeff Moss said that the convention has its share of "malicious" hackers.


• Canada Tries to Bar Pro-Nazi View on Internet

• Easy Degrees Proliferate on the Web
• New Educational Software: So Long, Science Kits

Business Technology
• Mapping the Telecommunications Scene

• The Met's Finest Reinvented on the Web

The formal proceedings include talks on "hacking into the travel industry" and creating a false identity, plus an extensive session on how to pick locks.

And on Monday, Cult of the Dead Cow, one of the oldest and most respected hacking groups, plans to give out free copies of a program it claims can be used to hack into a Windows 95 or 98 computer from a remote location and essentially take control of it.

But Moss and others make a key, sometimes tricky, distinction: they say hackers, by definition, relish the pursuit of information, including how systems work and how they can be made not to work. But they are different from "crackers," whose overriding purpose is to hack into computer systems and destroy them.

For instance, the members of Cult of the Dead Cow defend their exploitation of a security flaw in Windows on the basis that they are pointing out a dangerous problem with the software, and also providing a possible tool. "There is a legitimate use for this as a network management tool," said a Dead Cow member, who goes by the hacker handle "Death Veggie."

Kim Kulish/SABA for Cybertimes
Hackers going by the handles of "Paydro", (L), Sloth and Spew, attended Def Con 6.0 convention in Las Vegas.
The convention undermines other hacker stereotypes. Moss, for example, is clean-cut, well-spoken and only a couple of cheekbones away from appearing in a J. Crew spread -- hardly the acne-scarred and tattooed misanthrope of hacker legend.

The trouble is, while most of the hackers vigorously denounce the media for mischaracterizing their behavior as nefarious, they also want to reinforce the mythology surrounding their craft. A handful of the younger ones, in particular, can be heard pointing out the likely "feds" in the crowd, and stating with melodrama thick as a malted milk that they would rather not discuss the illegal hacks they may or may not have perpetrated.

But the reverence for the mystique is nowhere more apparent than in their self-selected hacker handles. Some of the hackers treat their monikers like hard-earned honorifics, and they use them whenever possible. The name tags read like graffiti tags: Freaky, Phraud, Sloth, Paydro, Heph, Unix64. The bearers of these handles all declined to disclose the name that appears on their drivers licenses, presuming they are old enough to have one.

CyberTimes Special
Hackstock: A Reporter's Fact-Finding Mission

Related Article
Hacker Convention Takes On a Corporate Tone
(July 31, 1998)

"Spew," when asked how he got his name, said, "I've had it for a long time." Spew drove to Def Con from Sacramento, Calif., with Sloth and Paydro. All three are 17-year-old high-school seniors. Spew did say, though, that he was really just along for the ride. "Really, I'm more into playing games," Spew said shyly. "These guys make fun of me all the time 'cause I use Windows 95."

Aside from learning about the newest technology and hacking techniques, many hackers come here to meet friends they have previously met only online.

For example, Heph, an 18-year-old junior college student from Los Angeles, and Unix64, a 16-year-old from Scottsdale, Ariz., have over the last two years become virtual best friends through an online discussion system called Internet Relay Chat. They talk all the time online, but each managed to convince his parents to visit Las Vegas this summer so they could meet in person and attend Def Con.

After they met on Friday morning, it was on to the serious stuff: hearing from established hackers about how to expand their knowledge of the Unix operating system.

"I am SO into Unix," said Unix64, clad in an Arizona State University baseball cap and "South Park" T-shirt. "I'm here to sit in on the lectures and have fun. Mostly what's fun for me is learning."

Unix64 had better be careful. He'll give Def Con a bad name.

Related Sites
Following are links to the external Web sites mentioned in this article. These sites are not part of The New York Times on the Web, and The Times has no control over their content or availability. When you have finished visiting any of these sites, you will be able to return to this page by clicking on your Web browser's "Back" button or icon until this page reappears.

Matt Richtel at welcomes your comments and suggestions.

Home | Site Index | Site Search | Forums | Archives | Marketplace

Quick News | Page One Plus | International | National/N.Y. | Business | Technology | Science | Sports | Weather | Editorial | Op-Ed | Arts | Automobiles | Books | Diversions | Job Market | Real Estate | Travel

Help/Feedback | Classifieds | Services | New York Today

Copyright 1998 The New York Times Company