Hacker Perspective: Marc Lighter
It is not uncommon for a word to become misused in the common vernacular. When the media starts directing a narrative, the general populace grabs onto it like the sixth proton on a carbon-14 atom.
Growing up, our first family computer was the Apple II. It had a whopping 4k of RAM. I remember the feeling of popping open the case and upgrading it to 16k of RAM. From that point on, I was hooked. Back then hobbyists were known as "hackers." I was young then, but the feeling of excitement in hacking a game called Wizardry saved me hours and hours of time searching through dungeons for treasure. Sure, the search was fun, but hacking the game was more fun than the game itself.
This was about the time that the first modems arrived (300 bps). You'd watch each character pop onto the screen, one at a time. It was like watching a monkey type in slow motion... and we loved it. Close Encounters of the Third Kind was a popular movie back then and the idea that technology could enable everything (including conversing with aliens) was all very real and possible. The whole era was the golden age of hacking. Back then, a hacker was a hobbyist who tinkered with anything technology-related. We built our own computers, we were ham radio operators, we were electronics geeks. We loved to experiment and try things that no one else would try.
The movie WarGames came out and it was the first real "hacker" movie that I can recall. Finally, a movie where the hacker was the star! That was around the same time that stories came out in the news about "miscreants" invading computer systems and the media grabbed onto the big buzzword of the time... "Hacker." Some of us recoiled in shame, others used it discretely as if members of a secret society. We could no longer proudly proclaim our association with the term: it had become synonymous with "criminal." We might as well be mobsters helping to direct organized crime families commit heinous murders. Some of us just gave up trying to convince people that this word, once innocent and prestigious, was now twisted and bastardized and now invoked images of some hideous and terrible creature, like Gollum on a keyboard.
Some of us just shrugged and left the word behind, giving up on the battle to save our badge of honor. Some of us relented and started using it the way the media had decided we should use it. We became those whom it described.
Early into my IT career, I found myself fixing and repairing computers. We were a bunch of young guys who all had the same dreams and aspirations at work... to get home and surf the net every night and ftp the latest game or hang out on the local BBS trolling for girls that never showed up. We made a living fixing the bugs in software and replacing components in hardware. Things were buggy back then and most end users blamed the computer for everything. (Some things never change.) Security was an afterthought and most businesses we worked with didn't even have a firewall. If you were in the trenches with us, you knew the domain admin password, so you could peek into just about anything that you wanted... even the boss's email. Most people didn't even worry about locking their computer, so we used to wait until they left and would send inappropriate emails to each other or send an email to the boss telling him "I quit!" while laughing hysterically as the poor schlub tried to explain to the boss that he hadn't really sent that email.
Wireless was when we really had some fun. If you aren't that old yet, I wish you could have been there during the early days of wireless. Wardriving became a habit that was hard to break... even harder to break than the crappy WEP encryption they supplied. We would have wardriving parties where we would drive all over town with a $5000 Compaq laptop and a Yagi antenna hanging out of the passenger window to surveil any wireless signal we could get a hold of. Once in, we could literally watch your every move online. Of course, this was before there were any known laws against such activity. We were breaking new ground and even the police weren't sure what to charge us with (other than loitering). One night, we stumbled upon the wireless traffic of a well-known public official chatting it up with his lady friend (while his wife was sitting in the other room). We know that she was in the other room because he shared that with his mistress on more than one occasion. While we were impressed that he even knew how to use IRC, we laughed so hard at some of the conversation that we about blacked out from the lack of oxygen.
This was about the time that we decided that we could make a business out of security. We would drive all over town and charge businesses to set up or secure their wireless networks. The look on their faces was priceless when we showed them their usernames and passwords to all of their online sites. We had some business owners shut down their wireless, permanently. Others knew that it was in their best interest to let us help because they couldn't afford not to have wireless or their customers would complain. We had an interesting conversation with the law on a couple of occasions. One thing about the law that you probably already know... the nicer you are to them, the nicer they usually are back to you. In the past, a lot of them barely used technology, let alone knew what we were up to. I can recall one business owner who complained and called the cops. We stood there and politely explained what we were doing. The business owner didn't even bother to encrypt his connection. Anybody could pick up his wireless signal and watch his activity, we explained. We even showed the officer how it worked. Needless to say, the cop was impressed and had a nice conversation with the business owner explaining that there were no charges that he knew of that could be filed. Later that week, the business owner called us back and asked us to secure his wireless network.
I'm sure wardriving is still a thing, but it's more time consuming to break encryption these days than it was in the past. Some of us moved onto legitimate jobs and some probably didn't. I only know what a couple of my ex-colleagues are up to. One became a virtualization specialist and does work for big corporations. Another runs an IT department at a local hospital. Me, I still run a small IT business and help other small businesses keep their computers running. I've just sat back and watched as the security business has exploded. While some of the technology has made it harder to penetrate systems from the outside, getting inside is still very easy if you know who to talk to and you have their email address. The best firewall in the world won't protect against some rube clicking on an attachment that they think came from FedEx or Amazon. And drive-by downloads? It's amazing the websites that people will browse while at work.
I remember when ransomware hit the scene just a few years ago. I was working at an automobile parts manufacturer when users started complaining that their files wouldn't open. Initially, it came in as an email attachment. The subject line didn't even sound legit. Some users will click on anything, I swear. Take it from me, hacking will never be difficult as long as there are stupid people in the world... and trust me, there are millions of them out there. One woman at an accounting firm clicked on an attachment that infected the entire network with ransomware. It took us almost two days to clean it up and get them back online. Then a couple of weeks later, she did it again. Same user... same email attachment. The email was simple and just said, "Your deposit didn't go through. Please click the attachment to reissue the deposit." Click! Bang! All your files are encrypted, lady. You would think that she would learn after the second time, but no! She did it a third time. Well... I bill by the hour, so it's no skin off my back.
Sometimes, when I have the time, I like to think about where the future of hacking is going. We are living in a world with tighter and tighter government restrictions, kids. Before 9/11, it wasn't against the law unless there was a law on the books outlawing a particular thing or activity. Today, everything is against the law unless they say it's okay to do it or to own it. Case in point: I love flying my drone and to do some people-watching. Technically, it's against the law if you fly your drone over a private residence or a crowd of 100 or more people... but they don't have a clue that I am there. I can fly high enough that nobody can hear the drone. Yes, I know that you aren't allowed to fly over 400 feet... but there are ways around that, too. A drone is a device that still gives you the freedom to go where you want and see what you want as long as you are cool about it. Load that thing up with FLIR and there is no privacy anywhere anymore for the common man.
It's illegal to fly a drone in a national park. However, you can watch some online videos of drone pilots complaining that they got fined because they posted their drone videos online. Tip one: don't post your drone videos online. Tip two: don't fly your drone near an airport. Even if they don't catch you, you could put lives in jeopardy. Don't do it. The drone wars continue unabated and I'm sure the laws will become so restrictive that there will be one park left in the U.S. soon that will be for dedicated drone pilots. If you want to fly your drone, then you have to go to the last one acre plot in the backwoods of Kentucky reserved for drone pilots. You can only fly it up to ten feet in the air... have fun, kid.
Yes, the future looks bright for hacking. The "Internet of Things" will embed devices in just about everything. In the future, we will be checking out our neighbor's fridge inventory and ordering a case of SPAM to be delivered to his house, just for the irony of it. We will be hacking into your Alexa just to hear what's going on in your living room. (I'm sure somebody has already done that, right?) Pretty soon, we will be hacking into your Nike shoes and adding 1,000 steps so that you think you got a great workout today. Heck, maybe we will even hack into your smart watch and make you think your heart rate is too slow, prompting you to make a medical visit for no real reason. Yes, there will be ways to have fun in the future.
Now, I've already been around a long time and I'm going to make some predictions that you may or may not agree with. I'm about to go all futuristic on you so be prepared. I predict that in the future, hacking will be dead. What?!? You might ask. Why?!? Two words: Artificial Intelligence.
Just hear me out.
Artificial Intelligence will be the game changer in technology. Assuming that we survive as a species, AI will surpass us in every possible way. AI will predict what your next move will be - in milliseconds. It will patch vulnerabilities in nanoseconds. When AI reaches critical mass or mass penetration (however you want to describe the singularity), it will be difficult for humans to creatively exploit the machines anymore. Maybe you think that human creativity and ingenuity will win the day. (And maybe it will win... for a while.) But, eventually, AI will be smarter than all of the smartest people in the world combined and it will operate at an intelligence level that is unimaginable to us today. Maybe if we can find a way to tap into that intelligence with some neuro-biological interface, we can push that day off. However, that day is coming and it's just a matter of time before we find out if a super-intelligent mind will actually care what we do on a daily basis.
But, until then my young Padawan, enjoy the opportunity you have today to change the world around you and mold it to your will. Use your skills for change that will benefit others (or just cash out with your big hacking payday, I don't care). Just remember that you lived in the golden age of computers and then decide how you will make your mark on the world.