Is there a Hacker Ethic for 90s Hackers?

by Steven Mizrach

Introduction

The goal of this text analysis project was to take the texts of the computer underground and to analyze them for the presence of a) knowledge about the Hacker Ethic and b) evolution of that Ethic. Many writers, such as Steven Levy, bemoan the fact that modern-day hackers (the computer underground) are not worthy of the name because they do not live up to the principles of the original Hacker Ethic, and as unethical individuals, should simply be called "computer terrorists" or "juvenile delinquents." I sought to examine whether 90s new hackers knew of the old Hacker Ethic, if they had added anything to it, and the reasons why they felt they acted differently from their predecessors. I broadened my text analysis to look at what they saw as ethical violations, and reasons why some might repudiate the Hacker Ethic or the idea of having an ethic.

As my text project evolved, I found that after discovering the existence of a new hacker ethic for new hackers, I was wondering if people expressing the principles of the new ethic also expressed the old. I expected that the adoption of a new set of ethics would not necessarily mean the complete abandonment of the old. This would establish some continuity between both groups of hackers, and some familiarity by new hackers with the old ideals. If the hypothesis of continuity turns out to be true, then new hackers are not as different from old hackers as authors like Levy (or certain computer security professionals) might claim. They would then not only have their own ethics, but also utilize some ethical principles of their predecessors.

I coded 29 documents from the computer underground online using the NUD*IST text analysis system. I allowed new codes to emerge from other codes, based on the sort of interactive text-searching and investigation process that NUDIST makes possible. I decided to code a few factors that were not directly relevant to my tests, but could provide avenues for future investigation. Finally, after coding, I came up with two tests to look at evidence for continuity between the old and new hacker ethics.

Who is the Computer Underground?

I define the computer underground as members of the following six groups. Sometimes I refer to the CU as "90s hackers" or "new hackers," as opposed to old hackers, who are hackers (old sense of the term) from the 60s who subscribed to the original Hacker Ethic. See below.

  1. Hackers (Crackers, system intruders) - These are people who attempt to penetrate security systems on remote computers. This is the new sense of the term, whereas the old sense of the term simply referred to a person who was capable of creating hacks, or elegant, unusual, and unexpected uses of technology. Typical magazines (both print and online) read by hackers include 2600 and Iron Feather Journal.
  2. Phreaks (Phone Phreakers, Blue Boxers) - These are people who attempt to use technology to explore and/or control the telephone system. Originally, this involved the use of "blue boxes" or tone generators, but as the phone company began using digital instead of electro-mechanical switches, the phreaks became more like hackers. Typical magazines read by Phreaks include Phrack, Line Noize, and New Fone Express.
  3. Virus writers (also, creators of Trojans, worms, logic bombs) - These are people who write code which attempts to a) reproduce itself on other systems without authorization and b) often has a side effect, whether that be to display a message, play a prank, or trash a hard drive. Agents and spiders are essentially 'benevolent' virii, raising the question of how underground this activity really is. Typical magazines read by Virus writers include 40HEX.
  4. Pirates - Piracy is sort of a non-technical matter. Originally, it involved breaking copy protection on software, and this activity was called "cracking." Nowadays, few software vendors use copy protection, but there are still various minor measures used to prevent the unauthorized duplication of software. Pirates devote themselves to thwarting these things and sharing commercial software freely with their friends. They usually read Pirate Newsletter and Pirate magazine.
  5. Cypherpunks (cryptoanarchists) - Cypherpunks freely distribute the tools and methods for making use of strong encryption, which is basically unbreakable except by massive supercomputers. Because the NSA and FBI cannot break strong encryption (which is the basis of the PGP or Pretty Good Privacy), programs that employ it are classified as munitions, and distribution of algorithms that make use of it is a felony. Some cryptoanarchists advocate strong encryption as a tool to completely evade the State, by preventing any access whatsoever to financial or personal information. They typically read the Cypherpunks mailing list.
  6. Anarchists - are committed to distributing illegal (or at least morally suspect) information, including but not limited to data on bombmaking, lockpicking, pornography, drug manufacturing, pirate radio, and cable and satellite TV piracy. In this parlance of the computer underground, anarchists are less likely to advocate the overthrow of government than the simple refusal to obey restrictions on distributing information. They tend to read Cult of the Dead Cow (CDC) and Activist Times Incorporated (ATI).
  7. Cyberpunk - usually some combination of the above, plus interest in technological self-modification, science fiction of the Neuromancer genre, and interest in hardware hacking and "street tech." A youth subculture in its own right, with some overlaps with the "modern primitive" and "raver" subcultures.

The Documents

These 29 text files come from the following sources: the WELL (Whole Earth 'Lectronic Link) BBS, the MindVox BBS archives, various other hacker boards, the Usenet newsgroup alt.2600, World Wide Web HTML documents, the gopher.eff.org hacking 'zine archive, the cypherpunks.org ftp site, and a netwide search on documents containing the search term "hacker ethic." Documents were selected for this study for relevance, and thus do not constitute a fully randomized sample of electronic text.

  1. Discussion begins
  2. An unwritten manifesto?
  3. Government ethic
  4. Hacker theory to practice
  5. The Manifesto
  6. The MetaForum

    In 1990, the online bulletin board system (BBS) known as the WELL (Whole Earth 'Lectronic Link) co-hosted a conference with Harper's magazine to discuss the future of hacking. Old and new hackers were invited to participate. These are transcripts of the various postings to the topic headings in the conference.

  7. Cracker subculture
  8. Hackers wanted

    These are transcripts of postings to two other topic headings in the WELL Hacker Conference forum.

  9. Assert your rights
  10. Defense of Piracy
  11. Revolt

    These are three "propaganda" text files by hacker Subvert, where he attempts to make the moral case for hacking.

  12. From Crossbows to Cryptography: Thwarting the State via Technology
  13. The Crypto Anarchist Manifesto

    These two documents from the cypherpunks ftp archive attempt to make the case for strong encryption and cryptoanarchy.

  14. Pirate
  15. Pirate Newsletter

    These are two e-zines for pirates.

  16. Ethics of Hacking by "dissident"
  17. Hack Ethics -- A definition of the hacker ethic from the MIT "Fishwrap Gallery"
  18. Jargon File hacker ethic -- Definition of "hacker ethic" from the Hacker's Jargon File (online companion to Hacker's Dictionary) 3.0
  19. The Hacker's Code of Ethics by "Darkman"

    These are four texts which deal directly with ethical issues pertaining to hacking. Two are simply definition files.

  20. CDC -- Cult of the Dead Cow description file
  21. Digital Free Press -- a hacker e-zine
  22. Emmanuel Goldstein testimony-- Testimony of the 2600 leader before a Congressional hearing on hacking
  23. Hacker Manifesto -- "The Conscience of a Hacker" by Mentor
  24. Hacker vs Cracker -- " The Difference between Hackers and Crackers" by CandyMan
  25. Novice's guide to hacking -- A guide by Mentor and the Legion of Doom (LOD), circa 1989
  26. Phrack- Declaration of Grievances of the Electronic Community -- An imitation of the grievances clauses from the Declaration of Independence, updated for the cyberspace era, containing complaints about current technology policy.
  27. Rebels with a Cause -- A 1994 honors essay by Anthropology student Tanja Rosteck, containing some transcripts of hacker interviews and statements.
  28. What is hacking? -- Definition file from Hacker's Haven Website
  29. The Anarchist's Guide to the BBS -- a description of using BBSes for CU purposes.

Other miscellaneous files.

The Original Hacker Ethic

Every profession or trade tends to have an ethical code which suggests that it is capable of self-regulation of its members. The code demonstrates the shared core values necessary for people to practice within the professional community. And it enables the public and the government to have some degree of trust for the profession. Some of these codes may be very ancient and formalized, such as the Hippocratic Oath sworn by physicians. Others may be very modern and legalistic, like the code of ethics for applied or academic anthropologists. Some ethical systems may be "underground," (such as the Pirates' Code of 18th century buccaneers or Mafia oaths of loyalty) enabling members of subcultures or groups to survive, cooperate, and escape outsiders. Yet others like the original Hacker Ethic are very informal and simple - rules of thumb to live by.

Groups employ different means of enforcing their ethical systems. Some provisions are often recognized as simply being archaic and are ignored. This is why most doctors do not heed the prohibitions in the Hippocratic Oath against abortion or euthanasia, yet most (but not all!) believe in the ethical principle of not refusing critical treatment to a patient who is unable to pay. Other groups (such as anthropologists) often devise ethical codes simply because they are forced to by the bad behavior of some of their members in the past, and their provisions are specifically tailored to probems that have arisen. Violating some ethical codes can get you banned from the profession or worse, when professional associations exist to enforce the regulations; with hackers, breaking the Hacker Ethic seems to result mostly in anathema or social ostracization, a time-honored method of social control.

The original Hacker Ethic was sort of an impromptu, informal ethical code developed by the original hackers of MIT and Stanford (SAIL) in the 50s and 60s. These "hackers" were the first generation of programmers, employing time-sharing terminal access to 'dumb' mainframes, and they often confronted various sorts of bureaucratic interference that prevented them from exploring fully how technological systems (computers, but also model trains, university steam tunnels, university phone systems, etc.) worked. The ethic reflects their resistance to these obstacles, and their ideology of the liberatory power of technology. The six principles of the Hacker Ethic are listed below, with some text samples showing where it appears within these documents.

A concise summation of it can be found in Steven Levy's 1984 book Hackers: Heroes of the Computer Revolution. Levy suggested that because of their Ethic and their unconventional style, hackers like Jobs and Wozniak were able to launch the "computer revolution," resulting in the first personal computer (the Apple) which was easy to use and which put programming power in the individual's hands. Here I cite documents from my sample which reiterate some of its principles.

  1. Hands On Imperative: Access to computers and hardware should be complete and total. It is asserted to be a categorical imperative to remove any barriers between people and the use and understanding of any technology, no matter how large, complex, dangerous, labyrinthine, proprietary, or powerful.

    As we can see, this has not been the case. The computer system has been solely in the hands of big businesses and the government. The wonderful device meant to enrich life has become a weapon which dehumanizes people. To the government and large businesses, people are no more than disk space, and the government doesn't use computers to arrange aid for the poor, but to control nuclear death weapons. The average American can only have access to a small microcomputer which is worth only a fraction of what they pay for it. The businesses keep the true state of the art equipment away from the people behind a steel wall of incredibly high prices and bureaucracy. It is because of this state of affairs that hacking was born. ("Doctor Crash", 1986)[1]

  2. "Information Wants to Be Free" "Information wants to be free" can be interpreted in three ways. Free might mean without restrictions (freedom of movement = no censorship), without control (freedom of change/evolution = no ownership or authorship, no intellectual property), or without monetary value (no cost.) Some hackers even take this to mean information is alive, free to act on its own agency, as viruses, genetic algorithms, 'bots and other software programs do. Most hackers seem to advocate this principle in different senses of the word "free" at different times. In any case, when asked about the content of the Hacker Ethic, most people assert this as the key principle.

    There is much knowledge that is disallowed, hidden. Government activities, corporate crime, and "illegitimate" information needs to be disseminated. People without access to technology need it - they can contribute to the world. Distributing this information is illegal, potentially dangerous. This, in my humble opinion, is the best use of hacked accounts. Obtaining information, disseminating information needs anonymity. This protects your hide. This is important. Whistle blowers are only silenced when their identity is known...

    Access to information
    Yes, access is a right you have. You need to know when the government is killing people, radiating them, listening to them, lying to them, lying to you. You have a right to gain access to information about OUR government. This government is supposedly of the people, by the people, power granted by a social contract.[2]

  3. Mistrust Authority. Promote decentralization. This element of the ethic shows its strong anarchistic, individualistic, and libertarian nature. Hackers have always shown distrust toward large institutions, including but not limited to the State, corporations, and computer administrative bureaucracies (the IBM 'priesthood'). Tools like the PC are said to move power away from large organizations (who use mainframes) and put them in the hands of the 'little guy' user. Nowhere is this ethos stronger than among the anti-statist cypherpunks and extropians.

    In fact, technology represents one of the most promising avenues available for re-capturing our freedoms from those who have stolen them. By its very nature, it favors the bright (who can put it to use) over the dull (who cannot). It favors the adaptable (who are quick to see the merit of the new (over the sluggish, who cling to time-tested ways). And what two better words are there to describe government bureaucracy than "dull" and "sluggish"?[3]


    The State will of course try to slow or halt the spread of this technology, citing national security concerns, use of the technology by drug dealers and tax evaders, and fears of societal disintegration. Many of these concerns will be valid; crypto anarchy will allow national secrets to be traded freely and will allow illicit and stolen materials to be traded. An anonymous computerized market will even make possible abhorrent markets for assassinations and extortion. Various criminal and foreign elements will be active users of CryptoNet. But this will not halt the spread of cryptoanarchy.[4]

  4. No Bogus Criteria: Hackers should be judged by their hacking, not by "bogus criteria" such as race, age, sex, or position. Nowhere is this ethos more apparent than in the strong embrace by most hackers of the levelling power of the Internet, where anonymity makes it possible for all such 'variables' about a person to remain unknown, and where their ideas must be judged on their merits alone since such contextual factors are not available.

    The Internet is one of the best hacks the world has to offer. It has continually shattered deeply ingrained social prejudices concerning characteristics such as age, race, wealth, and sex. In fact, it is common to find 14 year olds arguing philosophy with 41 year olds on America's computer networks![5]

  5. "You can create truth and beauty on a computer." Hacking is equated with artistry and creativity. Furthermore, this element of the ethos raises it to the level of philosophy (as opposed to simple pragmatism), which (at least in some quarters) is about humanity's search for the good, the true, and the beautiful.

    Without question, good/great programming (hacking) is art and as with art each person has their own signature and style (which changes over time). Quite a few years ago I was reviewing some derivative works of one hacker, and found the lack of signature and style of the original.[6]

  6. "Computers can change your life for the better." In some ways, this last statement really is simply a corollary of the previous one. Since most of humanity desires things that are good, true, and/or beautiful, the fact that a computer can create such things would seem to mean that axiomatically it can change peoples' lives for the better. However, this is merely a declarative statement, which like the previous one reflects a deep-felt love of technology. It does not state explicitly that computers should always change peoples' lives for the better, or the principle that would follow from that, which is that it is unethical to use them to make peoples' lives worse. .. Many hackers see the Internet as an immense positive force, and this reiterated again by hacker Emmanuel Goldstein --

    The future holds such enormous potential. It is vital that we not succumb to our fears and allow our democratic ideals and privacy values to be shattered. In many ways, the world of cyberspace is more real than the real world itself. I say this because it is only within the virtual world that people are really free to be themselves - to speak without fear of reprisal, to be anonymous if they so choose, to participate in a dialogue where one is judged by the merits of their words, not the color of their skin or the timbre of their voice. Contrast this to our existing "real" world where we often have people sized up before they even utter a word. The Internet has evolved, on its own volition, to become a true bastion of worldwide democracy. It is the obligation of this committee, and of governments throughout the world, not to stand in its way.[7]

Thus, the ethical principles of the Hacker Ethic suggest it is the ethical duty of the hacker to remove barriers, liberate information, decentralize power, honor people based on their ability, and create things that are good and life-enhancing through computers. It remains an open question (of interpretation) as to whether it advocates the free distribution of software (the GNU/Richard Stallman position), the injunction against using computers for malicious purposes (the Clifford Stoll position), or the need for secure networks based on trust (the Steven Levy position.) Each of these document samples show that new hackers are aware of, and advocate (whether intentionally or accidentally) elements of the original Hacker Ethic.

New Hacker Ethic

From my documents, I found that there is a new hacker ethic which 90s hackers live by. There are fragments of continuity from the old hacker ethic, as one can see. The new ethic appears to have developed like the old one, informally and by processes of mutual reinforcement. The new ethic seems to contain some ambiguities (like the old one) and a few contradictions. This may be due to the fact that its practicioners are more numerous and more dispersed than the original 60s hackers.

  1. "Above all else, do no harm" Do not damage computers or data if at all possible. Much like the key element of the Hippocratic Oath.

    According to the "hacker ethic," a hack must: * be safe
    * not damage anything
    * not damage anyone, either physically, mentally or emotionally
    * be funny, at least to most of the people who experience it

    [8]


    It is against hacker ethics to alter any data aside from the logs that are needed to clean their tracks. They have no need or desire to destroy data as the malicious crackers. They are there to explore the system and learn more. The hacker has a constant yearning and thirst for knowledge that increases in intensity as their journey progresses.[9]


    2. The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality.[10]

    Of course, the key problem with this ethical position is its stance on intent. One should not damage data deliberately. But what if, as often happens in hacking attempts, one accidentally erases or alters data while trying to alter system log files or user records? Is that an ethical violation? Also, the question of what constitutes "harm" is left open. Most hackers seem to see pranks and practical jokes as harmless, regardless of their psychological impact. Yet their victims may not feel these are so 'harmless,' especially if this causes them to lose valuable time or effort.

  2. Protect Privacy People have a right to privacy, which means control over their own personal (or even familial) information. Privacy rights are notably missing from the U.S. Constitution, but they have been brought to the forefront of modern legal argument due to the growing surveillance power of technology. There still is no codified right to privacy for U.S. citizens, although the Supreme Court has ruled that it is contained implicitly in its judgements legalizing the distribution of birth control and the right to first-trimester abortion.

    How far do privacy rights go, however? Do people also have an intrinsic right to online anonymity? Do I have the right to conceal my health status, criminal record, or sexuality from my employer? Are some people (politicians, celebrities, etc.) entitled to less privacy than others? Does my social security number, credit history, or telephone number belong only to me? Further, the strange thing about hackers asserting a right to privacy is that it declares a certain kind of information to not be free. Thus, in some ways this is a contradiction to the original hacker ethic.

    Your right to Privacy
    Privacy is a right we beleive we have. Unfortunately privacy is not explicitately protected in the constitution. Our consitution is dated in that respect, there weren't the threats to privacy then as there are now. Technology is truly a double-edged sword. The abscense of privacy provisions in the constitution does not make it any less important. Indeed, the lack of constitutional protections have allowed our privacy to be gravely threatened.[11]


    The concept of privacy is something that is very important to a hacker. This is so because hackers know how fragile privacy is in today's world. Wherever possible we encourage people to protect their directories, encrypt their electronic mail, not use cellular phones, and whatever else it takes to keep their lives to themselves. In 1984 hackers were instrumental in showing the world how TRW kept credit files on millions of Americans. Most people had never even heard of a credit file until this happened. Passwords were very poorly guarded - in fact, credit reports had the password printed on the credit report itself.[12]

    The second argument is an interesting one. The problem most hackers had with TRW is not they kept files on most peoples' credit histories without their knowledge (thus they couldn't see if they contained any errors), and it was on that (unknown) basis that they were denied loans, credit cards, mortgages, etc. It was that those files were insecure.

  3. "Waste not, want not." Computer resources should not lie idle and wasted. It's ethically wrong to keep people out of systems when they could be using them during idle time. This is what some people call the "joy riders' ethic." If you borrow someone's car, and return it with no damage, a full tank of gas, and perhaps even some suggestions for improved performance, have you not done them a favor? Especially if they never know you borrowed it in the first place for a few road trips? Isn't it wasting that precious engine power to leave the car in a parking spot while somebody else could be using it for a grocery trip? (Is it an ethical violation to borrow the car and make a set of keys for yourself so you can borrow it whenever you feel like? This is, after all, what most hackers do when they give themselves sysadmin privileges.) Yet most are possessive over the use of their own personal computer.

    The hacker ethics involves several things. One of these is avoiding waste. Over the internet, we have about a quarter million computers each of which is virtually unused for 10 hours a day. A true hacker seeing something useful that he could do with terraflops of computing power that would otherwise be wasted might would request permission to use these machines and would probably go ahead and use them even if permission was denied. In doing so, he would take the greatest possible precautions to not damage the system.[13]

  4. Exceed Limitations Hacking is about the continual transcendence of problem limitations. Some old hackers assert this principle, as an informal seventh addition to the original Ethic. Telling a hacker something can't be done, is a moral imperative for him to try. "Extropians" believe there is a universal force of expansion and growth, inverse to entropy, which they call "extropy." Hacking is seen as extropian because it always seeks to surpass current limits. Technology is seen as a necessarily exponential force of growth. Limitations must be overcome. For some hackers, these limitations might be unjust laws or outdated moral codes.

    To become free it may be necessary to break free from medieval morality, break unjust laws, and be a disloyal employee. Some may call you an disloyal, sinful criminal. To be free in a room of slaves is demoralizing. Free your fellow man, give him the tools, the knowledge to fight oppression. Do not infringe on others' rights.[14]

  5. The Communicational Imperative People have the right to communicate and associate with their peers freely. The United Nations International Telecommunications Union (ITU) has stated in many conferences that this should be a fundamental human right, with which no nation should ever interfere. The sweeping freedoms given to amateur radio hobbyists internationally reflect this belief. Globally, it remains a significant moral problem, in that most developing nations lack the infrastructure to grant this right. Various UN reports have shown that despite the rhetoric, many Third World nations do not have access to the "global" information superhighway because they lack "onramps." Their telecommunications infrastructure is lacking.

    Most hackers strongly support the 1st amendments' rights to communication and assembly, since these are necessary for the free flow of information. Phreakers take this a step beyond, however, in asserting that people should have the right to communicate with each other cheaply (thus poor people have as much right to talk on the phone long distance as the rest of us) and easily . When telecommunications companies are an obstacle to this right to communicate, phreaking (blue boxing the phone system, making unauthorized 'bridge' conference calls, using empty voicemail boxes, etc.) is said to be the answer.

    The Right to communicate
    Communicate!
    This is our strongest right, and our most crucial. There mere fact that this page is allowed to exist is proof that our 1st amendment has not crumbled completely. Despite the governmental protection, there are threats to our freedom to communicate.
    [15]

  6. Leave No Traces Don't leave a trail or trace of your presence; don't call attention to yourself or your exploits. Keep quiet, so everyone can enjoy what you have. This is an ethical principle, in that the hacker follows it not only for his own self-interest, but also to protect other hackers from being caught or losing access. Such a principle can be found among various criminal or underground organizations. Of course, there is a contradiction between asserting a need for secrecy (as well as privacy), and the need for unrestricted information.

    The rules a Hacker lives by:
    1. Keep a low profile.
    2. If suspected, keep a lower profile.
    3. If accused, deny it.
    4. If caught, plea the 5th.
    [16]

  7. Share! Information increases in value by sharing it with the maximum number of people; don't hoard, don't hide. Just because it wants to be free, does not mean necessarily you must give it to as many people as possible. This principle can be seen as an elaboration on an original ethical principle. The Pirates' ethic is that piracy increases interest in software, by giving people a chance to try it out and experiment with it before paying for it. So sharing software with your friends is a good thing.

    Pirates SHARE warez to learn, trade information, and have fun! But, being a pirate is more than swapping warez. It's a life style and a passion. The office worker or class mate who brings in a disk with a few files is not necessarily a pirate any more than a friend laying a copy of the lastest Depeche Mode album on you is a pirate. The *TRUE* pirate is plugged into a larger group of people who share similar interests in warez. This is usually done through Bulletin Board Systems (BBSs), and the rule of thumb is "you gotta give a little to get a little...ya gets back what ya gives." Pirates are NOT freeloaders, and only lamerz think they get something for nothing.[17]

  8. Self Defense against a Cyberpunk Future Hacking and viruses are necessary to protect people from a possible 1984/cyberpunk dystopian future, or even in the present from the growing power of government and corporations. It's a moral imperative to use hacking as the equivalent of 'jujitsu,' allowing the individual to overcome larger, more impersonal, more powerful forces that can control their lives. If governments and corporations know they can be hacked, then they will not overstep their power to afflict the citizenry.

    I believe, before it's all over, that the War between those who love liberty and the control freaks who have been waiting for to rid America of all that constitutional mollycoddling called the Bill of Rights, will escalate.

    Should that come to pass, I will want to use every available method to vex and confuse the eyes and ears of surveillance. Viruses could become the necessary defense against a government that fears your computer.[18]

    What's interesting is that this principle recognizes and asserts that it's not only possible but also likely for computers to have a dark side and to be used for purposes other than truth and beauty, and that we need to be wary of technology, or at least technology in the wrong hands.

  9. Hacking Helps Security This could be called the "Tiger team ethic": it is useful and courteous to find security holes, and then tell people how to fix them. Hacking is a positive force, because it shows people how to mend weak security, or in some cases to recognize and accept that total security is unattainable, without drastic sacrifice.

    Sense 2 is more controversial: some people consider the act of cracking itself to be unethical, like breaking and entering. But the belief that `ethical' cracking excludes destruction at least moderates the behavior of people who see themselves as `benign' crackers (see also samurai). Based on this view, it may be one of the highest forms of hackerly courtesy to (a) break into a system, and then (b) explain to the sysop, preferably by email from a superuser account, exactly how it was done and how the hole can be plugged --- acting as an unpaid (and unsolicited) tiger team.[19]

    Many software companies today, including Lotus, regularly use tiger teams to test their security systems. So, this ethical principle seems to be agreed upon by some members of the industry -- to a certain extent. Even Lotus does not want its systems being tested by hackers who are not under its employ or control.

  10. Trust, but Test! You must constantly test the integrity of systems and find ways to improve them. Do not leave their maintenance and schematics to others; understand fully the systems you use or which affect you. If you can exploit certain systems (such as the telephone network) in ways that their creators never intended or anticipated, that's all to the better. This could help them create better systems. One of those systems that may require constant revision, testing, and adjustment, apparently, is constitutional democracy.

    Democracy is always being tested -- it's an inherent part of what it stands for. whether it's flag burners, gay activists, klansmen, or computer hackers, we're always testing the system to see if it holds up to pressure. i stress that this is NOT an end iwe do because it interests us, but in the bigger picture we're actually testing the sincerity of the democratic system, whether we're aware of it or not.[20]

    One of the most important manuals for British hackers was called "beating the system." The essential argument is that as systems (like the phone network) become more and more complex, they become impossible to manage from a centralized office. Hacking at the edges of the system not only becomes possible, in some cases it becomes necessary. It becomes an ethical imperative to test the system, lest it fail when it is most needed (like the AT & T phone switches did in 1990.)

So, in short, the new hacker ethic suggests that it is the ethical duty of new hackers (or the CU), to : 1) protect data and hardware 2) respect and protect privacy 3) utilize what is being wasted by others 4) exceed unnecessary restrictions 5) promote peoples' right to communicate 6) leave no traces 7) share data and software 8) be vigilant against cyber-tyranny and 9) test security and system integrity of computer systems.

Violations/Transgressions

These could be considered the "thou shalt nots" of the new hacker ethic, as opposed to its affirmative "you shoulds." Some of these transgressions of the hacker ethic are already implied by some of its basic affirmative principles. We can get an idea of what hackers believe they should do, based on what they reject as unsuitable activities of their peers.

  1. Bootlegging Commercialism; selling pirated software; hacking for profit; selling out. Bootlegging violates the new ethic of sharing and the original hacker ethic which eschewed profit (and embraced personal satisfaction) as a reason for creating software (hence the existence of Richard Stallman's GNU Free Software Foundation.)

    On occasion the possibility of making a profit from these advances tempts hackers into commercialism. On other occasions, they see commercialism as the only way to get their work into the hands of the masses. When they succeed they become rich, and usually get moved further and further from hacker life and more and more into paperwork and then don't live happily ever after.[21]


    Bootleggers are to pirates as a chop-shop is to a home auto mechanic. Bootleggers are people who DEAL stolen merchandise for personal gain. Bootleggers are crooks. They sell stolen goods. Pirates are not crooks, and most pirates consider bootleggers to be lower life forms than child molesters.[22]

    Bootlegging seems to contradict new hacker ethic 7, share!

  2. Freeloading Always taking and never contributing. Profitting from other peoples' efforts without adding to them. "Warez d00dz" and "Codez d00dz" who are hunting for free software or phone codes without offering anything in return (a hack, a number, whatever) are looked down upon. Hoarding and refusing to tell others about your hacks are seen as wrong. This also violates the new ethic of sharing.

    In fact, pirates may be one of the best forms of advertising for quality products, because sharing allows a shop-around method for buying warez. Most of us buy a program for the documents and the support, but why invest in four or five similar programs if we aren't sure which best suits our needs? Nah, pirates aren't freeloaders. We are against freeloading.[23]

  3. Trashing Crashing systems; destroying hardware; hurting other users; malicious vandalism; irreversible damaging or destroying of data; unleashing destructive viruses, Trojans, logic bombs. Prankful (non-harmless) games with users and sysops and systems is acceptable... This is seen as the obvious corollary of the new ethic to "do no harm."

    I. Do not intentionally damage *any* system. Trashing BBSes is wrong, plain and simple.
    II. Do not alter any system files other than ones needed to ensure your escape from detection and your future access (Trojan Horses, Altering Logs, and the like are all necessary to your survival for as long as possible.)
    [24]


    The one thing I hate, is the way some self-appointed hackers find there way into a system, and ruin the name of the rest of us by destroying everything they can find. Now that is pathetic. First of all, as I said, it ruins the name of the rest of us. Thus, once again, the "Destructive Computer User" Stereotype... A board crasher is no more a "hacker" than my grandmother is.[25]

  4. Excessive Selfishness Self interest overrules any concern for other hackers whatsoever. This violation implies others... once again, we run into the strange divide at the heart of the Hacker Ethic, which is deeply individualistic, yet also fiercely communal. Individuals are expected to be highly self-motivated, but not selfish.

    I think you'd be less agitated if you define your categories as hackers and criminals. The former are in it to explore and the latter are in it for themselves and nothing else. Of course, some hackers do break laws on occasion but I don't think that necessarily turns them into criminals, at least not in the moral sense.[26]


    Also, some hackers have this massive ego problem... I must name one here, for that problem, and he is Corporal Punishment... I have had numerous run-ins with this guy. He seems to think he is a God, constantly running everyone into the ground. He even went as far as saying "PHRACK sucks!" But he isn't the only one with that problem... Some feel that if they put others down, they will elevate to a higher level. Sorry to burst you bubble guys, but your only viewed as massive ego-maniacs that deserve nothing less than being run down yourselves...[27]


    Let us not forget that hackers, crackers, chippers, crunchers, and whatnot all have ego, and one thing that bothers me about using the Hacker Ethic to describe people is that ego and self-interest are not accounted for. How else can you explain crackers selling pirated software, otherwise intelligent people distributing viruses to the general public in hope of causing maximum damage to other users, or hackers breaking into some system and erasing files for laughs? People break into computers because it's fun and it makes one feel powerful, not because there is untapped power waiting to be used if only the right programming "wizard" comes along.[28]

  5. The (Selective) Anti-Stealing Ethic Information, services, and software are not property; hardware, physical property, money, and monetary services (credit cards, digital cash, phone card numbers) are. Theft of these is still wrong. Also, the target makes a difference. Stealing phone service (say, voicemail boxes) from a large institution like a corporation or the government is OK. Stealing it from an individual or a small nonprofit is not.

    Thus the new hacker ethic, according to its propagandists, does not embrace theft; instead it simply defines certain things (like information) as not being personal property, or certain actions (using phone service) as "borrowing" rather than theft.

    So where is the boundary between the hacker world and the criminal world? To me, it has always been in the same place. We know that it's wrong to steal tangible objects. We know that it's wrong to vandalize. We know that it's wrong to invade somebody's privacy. Not one of these elements is part of the hacker world.[29]

  6. Bragging Calling too much attention to oneself. It is acceptable ('elite') to brag in private hacker circles, unacceptable to brag or make taunts and dares to sysops, law enforcement, or authorities, or in any public forum where they tend to listen. Some hackers even consider the first unacceptable, since hacker boards are monitored by the Secret Service as well. Bragging and boasting to the media or other non-hackers violates the ethic of 'leave no trace' and keeping a low profile.

    Bragging after a neat hack may seem like the natural thing to do. But just remember that it can only call attention to yourself, and not everyone who pays attention to hackers are admirers. You may jeopardize your friends and anyone else who ever accesses the same system as you.[30]


    True hackers are quiet. I don't mean they talk at about .5 dB, I mean they keep their mouths shut and don't brag. The number one killer of those the media would have us call hackers is bragging. You tell a friend, or you run your mouth on a board, and sooner or later people in power will find out what you did, who you are, and you're gone...[31]

  7. Spying Snooping, monitoring of people, and invading their privacy is wrong... so therefore is reading private e-mail, etc. This follows from the new hacker ethic which sees privacy as a fundamental right. However, part of the hacker praxis is about finding out passwords and security holes from users, whether through "social engineering" or simple snooping and "sniffing." This is the contradiction, once again, of embracing privacy but also insisting on unrestricted information.

    Some crackers are using computers in the exact *opposite* way that the first hackers intended them: first, by restricting the unimpeded and unmonitored flow of information through the computer networks and phone lines; and second, by using computers to monitor people, by intrusive methods of information-gathering.[32]

  8. Narcing It is wrong to turn other hackers in. This part of their ethical code is not different from many other criminal organizations or subcultures, such as prison inmates, drug addicts, prostitutes, etc., or even 'above-ground' subcultures such as police departments. ("code of silence.") However, this code has special meaning for hackers, since many ex-hackers often decide to become computer security personnel later in life. Many of their peers consider this 'selling out.'

    There's no lower form of life than the narc. Hackers who go and rat on other hackers are scum. They get lots of promises of immunity and stuff if they turn in all their friends. Some hackers get back at other people by turning them into the feds. This is wrong, and it only damages the hacker community. We need to stick together, because nobody else is really on our side.[33]


    The last thing I will mention, will be hackers turning in other hackers to federal crime agencies, or to the PhoneCorp security offices, or any other type of company that deals with computer related phraud. This activity, refered to as Narcing, is getting to be too popular for a hackers good... You may be saying, " Come on, no hacker in they're right mind would turn another on in ". And your right... It's once again those self proclaimed hackers, or the ones who think they are who will do this to get "Even"...[34]
We can then see that new hackers do believe certain things are wrong - and people who commit these actions are frowned upon and often prevented from being recognized by the hacker community. Many of the things new hackers reject, would also be rejected by the community of old hackers.

Reasons for Change

I coded various "emic" explanations in these texts for why some people felt the Hacker Ethic had changed. These could potentially provide the basis for looking for some interesting etic, measurable variables.

  1. "More Stuff" Computers are more numerous, more powerful, more networked, more distributed, more important, more widespread. More power over society = more corruption, more incentive.

    So the process of society adopting a new technology BY DEFINITION must include the removal of all idealistic motivations originally present in the promoters of the technology. Computers are power, and direct contact with power can bring out the best or the worst in a person. The Hacker Ethic is simply the ideal case: it's tempting to think that everyone exposed to the technology will be so grandly inspired, but alas, it just ain't so.

    The "hacker ethic" was unnoticed before because fiddling with large complex systems was so difficult until recently. There have always been basement tinkers and young pranksters but their explorations were very local. Once we are all connected, the work of these investigators ripple through the world we have constructed and affect us.[35]


    We live in the age of computers. Everything is controlled by massive mainframes; Our water distribution system, rail-road control, airline control, electricity control, telephone companies, etc, etc, etc... Imagine the fun someone can have in one of those systems!!! Just the fact of getting in them can sometimes be a major accomplishment. But my point is, what people do once they are in...[36]

  2. Society Society has changed for the worse. Either the old hackers lived in a more sheltered, supportive, rewarding environment (the MIT lab where they had access to everything they could ever want, plus recognition from their mentors and peers), or they simply lived in a larger society (the U.S. of the 50s) which was more based on trust, honesty, etc., and that is why their behavior was different. This might be the sort of sociological explanation found in a sociology textbook.

    PANTY RAIDS: When panty raids meet biotech it may be time to adapt new rituals; or the cracker phenomena is more complex then that and has at least something to do with increased levels of social alienation and how the street finds its own use for things.[37]


    It is my contention that hackers did not change. Society changed, and it changed for the worse. The environment the early hackers were working in rewarded them for their mischief and their desire to experiment and try new things.[38]

  3. The Computer Industry has Sold Out

    The computer industry sold out; no commercial software developers today believe in the Hacker Ethic either. They patent software, copy-protect programs, lock up data and algorithms. New hackers are merely responding to the times. They wouldn't have to do what they have to do if the computer industry believed in open standards and systems and free source code.

    And yet, in practice, I can't help but conclude that the computer revolution is over, and that the people lost. The computer community is driven now not by a lust for knowledge but by a lust for money. What were fledgling companies of wild-eyed programmers sharing knowledge and feeding on each other's ideas have become corporate behemoths, run by suits and ties, and copyright lawyers, and the bottom line.[39]

  4. Generational Change Hackers, like other youth of their generation ("generation X"), are more alienated, more pessimistic, more self-centered, more thoughtless, more careless, more pragmatic, etc. It's not that society, technology, or computing practices changed; it's just that new hackers come from a generation which was raised differently from its predecessors and was exposed to different influences.

    It's like you sometimes see in the media - 'GenX' is more in it for themselves, more likely to try and get ahead through using information from any which way, and more often see themselves as getting screwed over by their elders ... so it's not surprising that they don't have the same attitudes as Baby Boomer hackers.[40]

A future research project might be to try and turn these into etic variables. If one could operationalize and measure "level of alienation" for the authors of these texts, it might turn out to be a causal factor for "level of adherence to the Hacker Ethic," which would be the degree to which the person espouses the old or new Hacker ethics. Or one could try and correlate changes in the Hacker Ethic with changes in computing practices or level of intensification of computer use.

Repudiations

It's interesting to examine the ways in which 90s hackers often repudiate the original Hacker Ethic, or the possibility of embracing any Ethic at all. These are based on some items I coded in the texts, and other mentions found on the Net.

  1. Fraud "The hacker ethic is a fraud" perpetrated by the original hackers. It's too idealistic to possibly work in the real world.

    But the Hacker Ethic is also a fraud. It is a fraud because there is nothing magical about computers that causes one of its users or owners to undergo religious conversions and devote themselves to use of the computer for the betterment of the public good. Early automobile enthusiasts were tinkerers, inventors, people with a dream building motorized transportation. Then the new invention became popular and the elite used it to drive around in luxury. Then the new invention became accessible, and for many, necessary for survival. Now we have traffic jams, drunk drivers, air pollution, and suburban sprawl. Whatever magic still present in the use of the automobile occasionally surfaces, but we possess no delusions that it automatically invades the consciousness of everyone who sits behind the wheel.[41]

  2. Individualism Individualistic loners don't tend to subcribe to communal ethics. Many hackers argue that hacking is by nature oriented toward individualism rather than "groupthink," and thus the community of hackers is one of mutually reinforcing self-interest rather than any true form of fellowship or common ideology.

  3. Many, not one There is no one single hacker ethic; in the extreme position, every hacker has their own ethic.

    I think the problem we're all having is the fact that everyone is deluding themselves thinking there is only ONE 'hacker ethic'. The truth of the matter is, everyone has their *OWN* hacker 'ethic'. To say that we all think the same way is foolish.[42]

  4. Anti-professionalism Ethics are usually professional standards; by their very nature hackers are anti-professional and tend to make up the rules as they go along. Creating a professional, formalized code for hackers would mean the end of hacking.

  5. Natural Evolution The hacker ethic, like any belief system, must evolve over time; it's foolish to assume anyone could maintain the same ethics when everything else (especially technology) changes so rapidly.

In exploring some of the factors that lead to rejection of the original Hacker Ethic, we might be able to understand better why certain hackers do embrace either the old or new one or a combination of both.

Investigations of Patterns

I did two index tree searches of the NUDIST tree-index to examine my hypothesis of continuity between the 60s and 90s hackers.

Report 1

This was simply an index search where I told NUDIST to identify the number of documents which contained codes from both the old and new hacker ethics' subcodes. Any document which contained one or more codes from both sets of ethical codes was considered a 'hit,' indicating knowledge of (if not practice) of both systems. The results were: retrievals in 15 out of 29 documents or 52 percent. This seems to be statistically significant, and it is unlikely that hackers would express elements of both ethical systems purely by chance unless they were aware of both.

Report 2

I generated a matrix of overlapping documents for the Hacker Ethics (old and new). This identifies where codes co-occur within the same text units (as opposed to elsewhere in the same text) and in which documents.

1 1 1 2 1 3 1 4 1 5 1 6
2 1 24 24, 18
2 2
2 3
2 4
2 5
2 6
2 7
2 8 27 27
2 9
2 10

In document 24, "hacker vs. cracker," we see the co-occurence of the old hacker ethic of "total access" and the new hacker ethic of "do no harm," as well as the co-occurence of "information wants to be free" with "do no harm." In document 18, "Hacker ethic jargon file," we see the co-occurence of these same sentiments. And in document 27, "Rebels with a cause," we see the co-occurence of "self defense" with "information wants to be free" and "computers can change your life for the better."

Apparently, while hackers may express principles of both hacker ethics, they are unlikely to do so at the same time or within the same thought. Co-occurence within the same text unit did not occur very often - only 3 out of 29 documents.

Conclusions - areas for future research

I feel it safe to say that I can conclude a few basic facts from this early effort at text analysis. Mostly, I have a basis for a good deal of future research. I might be able to state more, if I had access to more documents or more information about their authors beyond their "handles."

  1. New 90s hackers are not unethical. They are not unaware of the original Hacker Ethic. They have their own ethical system which combines elements of the old 60s Hacker Ethic with some new innovations (the new hacker ethic.) The fact that ethics are important to these hackers is suggested by the fact that they anethematize "crackers" and "dark side" hackers for transgressions which violate the spirit of their ethics.
  2. There are four interesting areas of investigation for looking into the changes between the old and new Hacker Ethic. Measurement of changes in computer technology, social indicators, computer industry practices, and generational demographics might provide variables which covary with, and possibly even explain, the changes in this ideological system.
  3. Some new hackers do repudiate the original Hacker Ethic or the possibility of having an ethic at all. It would be interesting to find out what aspects of their profiles (age, background, experience, gender, social class, etc.) correlate with whether or not they repudiate it and why. There should be some way to predict whether or not a hacker is likely to embrace the ethic, and how much they fidelity to it they will demonstrate.
  4. The (old and new) Hacker Ethic is not totally idiosyncratic. Elements of it are similar to principles advocated by American culture and its "democratic" constitutional and informal ideals; the ethical codes of professional organizations such as academics, doctors, and lawyers; the ethical systems of "underground" and marginalized groups such as addicts, prostitutes, homeless people, etc.; and traditional ethical precepts of philosophy (such as the Golden Rule or Kantian categorical imperative.) Hackers are not alone in wanting privacy, knowledge, or community.
  5. The similarity between the old and new hacker ethics suggest that the new hackers did not emerge out of a distinct "tradition" from the old hackers. Ethical continuity suggests some demographic continuity. The 60s and 90s hackers may not be all that different, despite the fact that the 60s hackers consider the 90s hackers to be less deserving of the mantle of the term "hacker."

Text Sources

  1. Rebels with a Cause
  2. Revolt
  3. From Crossbows to Crypto
  4. Cryptoanarchist Manifesto
  5. Declaration of Grievances of the Electronic Community
  6. The Manifesto
  7. Emmanuel Goldstein Testimony
  8. Hack Ethics
  9. Hacker vs. Cracker
  10. Jargon file - hacker ethic
  11. Assert your rights
  12. Emmanuel Goldstein testimony
  13. Discussion begins
  14. Revolt
  15. Assert your rights
  16. What is hacking?
  17. Pirate Newsletter
  18. Government ethic
  19. Jargon file - hacker ethic
  20. The Manifesto
  21. Discussion begins
  22. Pirate Newsletter
  23. Pirate Newsletter
  24. Novice's guide to hacking
  25. The Hacker's Code of Ethics
  26. Cracker subculture
  27. The Hacker's Code of Ethics
  28. The Manifesto
  29. Emmanuel Goldstein testimony
  30. What is hacking?
  31. Ethics of Hacking
  32. Government ethic
  33. What is hacking?
  34. The Hacker's Code of Ethics
  35. Discussion begins
  36. The Hacker's Code of Ethics
  37. Cracker subculture
  38. Digital Free Press #2
  39. Discussion begins
  40. Anarchist's Guide to the BBS
  41. Discussion begins
  42. Discussion begins
Return to CyberAnthropology