Hacker Perspective: MRLN
My perspective as a hacker has changed quite a lot over the years. Computers, for all intents and purposes, haven't even been around for 100 years, making them one of the newest, most powerful, and most complex inventions out there. Computers have changed everything. Don't take my word for it, ask your grandparents. Computers wildly changed everything in a relatively short period of time. Computers are everywhere now - from the gas pump to your car and even in the hands of seemingly every person on the planet in the form of a cell phone. Here is a story of my journey through technology and how my perspective on what a hacker truly is has changed over the years.
I remember the first time I saw a computer. It was in a computer lab at my elementary school. It changed my life. It could play games, print out homework papers, play games, browse "The Net," play games, and had a neat little mouse with a metal ball you could take out and throw at classmates. And did I mention you could play games on it??! Kid Pix and The Oregon Trail were the highlights of my school day. I was also exposed to HTML in elementary school even though, unfortunately, I wasn't interested in it at the time and found it boring and hard. The concept of hacker back then, at least in my corner of the world, was little known and usually reserved as a synonym for criminal. Society perpetuated this concept that a hacker was a criminal that used computers.
Around middle school, I wised up and learned what you could really do with computers. Personal websites were huge at that time and I was learning how to code HTML from Angelfire tutorials and books the size of three bibles. I found it fascinating that you could design your own part of the web, mark your space, and put anything on it you wanted. Share it with friends, view their sites, and sign a guestbook or two. I still considered a hacker to be the same thing as the caricature of a hacker the media perpetuated at that time. Think The Matrix and The X-Files' "The Lone Gunmen." It was the lone 13-year-old in his parents' basement that was realigning government spy satellites for fun, penetrating government agencies to impress peers in their favorite IRC channel, and consuming endless amounts of soda and Hot Pockets. O.K., at least the last part was correct, but at that time it was Bawls soda and pizza... no offense to the Hot Pockets enthusiasts out there. Even though my narrow view of what a hacker was changed little, unbeknownst to me, I was progressing - I was learning how it all worked. The wires that connected to the modem. What a modem did. How to "program" a web page. How routers and switches connected multiple devices. What an intranet was. After all, isn't a hacker someone who is learning a system in order to make it work in a certain way that it may not have been designed for or even thought to be capable of? Gotta start somewhere...
Through high school, we caused all types of Ferris Bueller chaos. Getting out of school, viewing student records, and so on. Let's just say after I found out they didn't confirm doctor notes with the doctor or staff, it was all smoking doobies with chicks in hot tubs from there. I had more "doctor appointments" during school hours than a cancer patient. It wasn't all good, though. Rest assured the school faculty and administrators knew me and my nerd friends by name (we wore nerd as a badge of honor since our school didn't have many cliques and we all hung out for the most part). The principal even had a Post-it note of my personal website address on their desk (it was popular amongst my surprisingly wide group of friends that had various MP3s, ROMs and AIM hacks to download back when that was cool and a lot of them used the site to get games on school computers and I assume it was hitting the firewall pretty hard and got someone's attention), which was right next to the Post-it note of their Bess Web Filter! No more proxies for the cool kids, ahem, sorry, nerds, I mean. We kept that nugget to ourselves.
And it was good times up until a friend started NET SEND-ing messages to the entire school and one of his friends made a batch file "virus." They gave up the goods when questioned, and the Post-it note with the password vanished. All good things come to an end. Hackers around this time were "cool" and people were realizing they might not be so malicious, but highly technical users that could make computers do unimaginable things. To me this was like magic... actual magicians, casting cryptic code-spells into the ether, and producing seemingly impossible things out of nothingness. To me, hackers were the masters of this black box that no one seemed to understand. Admittedly, this was the more immature version of what I thought a hacker was. While we did in fact find holes in systems and ways around security controls, we rarely added much value and, in our immaturity, caused more problems than we solved. Our entire view was using our knowledge to do whatever we wanted: if you said something we didn't like in chat, then we crashed your computer; if we wanted to play games online, then we'd bypass the school filter; if we wanted to mess with a friend; then we'd hit a few keys and turn their desktop upside down on their monitor. Proof our moral compass hadn't quite developed yet.
In college, my view of what a hacker was matured. My past insecurities of not being smart enough to be one was quelled when I finally realized that a hacker is a technology lover who enjoys learning about it and makes new things possible, stretches the limits of technology, benefits humanity by using technology (hacktivism was big back then), or finds creative ways to fix issues. The ego-driven ways of the past were dead to me. I no longer cared about getting the approval of random people on the Internet. Joining a group to glad-hand ourselves on how l33t we were is hilariously lame. I now was concerned with learning about technology for the love of it! I wanted to know how it worked and, sure, sometimes that may require getting around something in order to make it do what you need it to do, but that doesn't have to be nefarious. As technology started to mature, so did I. I realized that you could still learn the black hat stuff. In fact, companies will pay big for that type of knowledge in order to protect their systems. As long as you are using what you learn legally, you can do anything you want to your own devices - much like Neo in The Matrix... it's your playground. Do what you want with it.
After college, I would say my perspective changed the most. Not because college guided me or even provided acceptable levels of education, but because it re-ignited my love of learning. I realized that learning on your own is one of the best ways to learn... there are few good teachers out there and they will only teach you what they are required to - and may not even have the same level of enthusiasm as you. I had the time and knowledge base to start learning the fun stuff. I also came out of my shell a bit and started to try to meet and learn from real hackers out there.
There's no crime in learning. Some of these people were college students while others were what I assume were shady career criminals. The latter taught me a few important lessons: f*ck the fancy stuff and just do what works; you can accomplish a goal without fully understanding it; sometimes that comes later and doesn't cheapen it since technology is a huge field and you won't always know everything all the time. After all, not everything has documentation, and since hackers are on the bleeding edge of what's possible, they usually write the rules, so to speak. Hackers are the ones that will tell you where the limits are and then break right on past them. Hackers are those who love learning. Hackers are "do-ers" and value practical experience. Hackers are the types of people that click around in dark rooms of video games and find the hidden Easter egg. Some do it for the lulz and others do it for the pleasure of solving an incredibly complex puzzle. Some use it for good and others use it for bad. Some want to impress people and others want to satisfy their insatiable quest for knowledge. What all hackers have in common is their love of exploration and using creativity to solve problems.
As I have grown in the community, I have truly realized how little I know about technology. Ironically, this excited me. There is so much to learn. You can learn a little about a lot or specialize in some niche field. You will always have something new to learn with computers and technology.
Enter - The Job. Dun-Dun-Dunnnnn. They always said "Do what you love and you'll never work a day in your life" and I have to agree with them. Growing up, I had little direction aside from "go to school and get good grades" and "don't get in trouble." (Can you guess what a kid is going to do, given that advice? I think we all know how well that advice was taken - in one ear and right out the other.) Anyway, as I started to enter the work force, I leaned into technology. It's what I was comfortable with. It's where all my friends were. It's what I did all the time anyway. Even if I couldn't think of a way to monetize what I was learning or doing at the time in tech, I filed it away as "one of those things that may help make some type of connection later" or at least "one of those things that can give you a bigger perspective." I mean, after all, jack of all trades are quite valuable people to have around.
I started out my tech career fixing computers at various computer repair shops. Then computers became so cheap, anti-virus software was gaining in popularity and everyone had a tech guy in the family, which meant these shops rarely lasted long. Nowadays, finding a computer repair shop is as hard as finding a TV and vacuum repair shop. Oh, and they aren't hiring. I started coding web pages to supplement my income and found that the Indian market was just crushing the American market. I mean, why even bother competing with someone who will code a page exactly like you want, add forms and databases for cents on the dollar? They even work with graphics artists in-house... how can you compete with that? I was at a loss and had to start looking elsewhere in technology to afford to live.
I started learning networking, which sounded fun, and obtained my CCNA, CCSA, and was working towards my CCDA certification. Almost immediately after my CCNA cert, I had a job in tech. I made my way into networking and worked there for several years. I found out I don't like it. It's repetitive and boring to me. ISP went down, link is flapping, QoS needs tweeking, bank employee unplugged the 5506 at a remote location for Earth Day to save electricity. sigh...
Lucky for me, networking is a preferred jump-in point for security, which is what I was focusing on getting into. I started learning about that, studying for the Security+ cert, and ended up in a very low-level security position with the company I was at and got my foot in the door. After a few years, I got into another security position, got a security clearance, and have been hacking away ever since.
Slowly but surely, little by little, progressing towards my goal of making what I love my career... and I love it! Security is a dynamic field. It provides you an opportunity to learn a wide variety of topics and technologies. After all, security is a small part of everything and simultaneously an illusion that doesn't exist in this world.
Nothing is 100 percent secure. That's just how it is. Computers weren't invented for security. They were invented to be connected and share information with each other. That makes it challenging and keeps someone like me engaged and not getting easily bored. There's also many aspects of security. You can be the corporate firewall guy, the at home bug hunter, the freelance coder/auditor, the red teamer/penetration tester, or learn a wide variety of skills working in a Security Operations Center.
Working with hackers has widened my eyes to the variety and personality types, backgrounds, and interests of hackers. We all share certain characteristics; creativity, curiosity, technical prowess, strange interests, and the like. However, we are quite a diverse group: men and women of all nationalities and backgrounds. Some are laser-focused on technology and have no other interests, while others enjoy gardening when not behind the keyboard.
I expect the future to change what a hacker is. Pretty soon, we will all be hackers because technology will be so ubiquitous and secondhand nature that the term hacker will encompass any tech lover and hacking will be an activity we all engage in... whether it's to be productive or just to get that ancient MP3 file format to play on your brand new Generation 2099 floating iPod/teleporter.
MRLN is now living the dream as a security analyst in Colorado while developing his security skills and growing his Linux beard. He won't be found on Facebook, but is an active member of numerous online forums/communities related to his eccentric hobbies.