Hackers - What is Our Mission Statement?

by ScreamingYellowFish

Recently I have been thinking quite a lot about what appears to be an ever growing and widening chasm both within the readership and the hacker community writ large over several concerns that cast a pall over in an ominous and foreboding way:

What troubles me more, however, is the notion that these two vexing questions are somehow antithetical, or worse, that discussion of this topic has in and of itself become too toxic to approach.  That, to my mind, seems to have already had the corrosive effects that our detractors from our past would never have imagined could do more damage than their worst machinations.

This alone would warrant its own article and, in fact, I have already written and submitted one to this fine publication.

Instead, I thought it might be instructive to take a step back and shine some light on a more recent turn of events that sadly ties the two together in a more insidious way that clearly highlights the numerous problems at hand, and then some of my own thoughts and questions about who we are as a community, and what we can do to course correct while we still have the opportunity to do so.

In our professional lives, whether we are employees or contractors, self-employed or part of a partnership, at some point we have all come across and have signed myriads of documents.  Maybe you scrutinized them carefully with full attorney review.  Maybe you blindly signed them with nary a thought.

Example of these might be Non-Disclosure Agreements (NDAs), non-competes, invention assignments, previous employment disclosures, etc.  Upon leaving employment, you may have to sign termination agreements or separation agreements.  In disputes, you may even have to sign arbitration agreements, settlement agreements, and the like.

Let's now imagine a world where you create a nifty algorithm or app or whatnot.  Maybe its entirely your own, or maybe you borrowed from open-source, or some derivative idea, or collaboration.  Maybe it's all entirely original.  Maybe you did a prior art or copyright check.  Maybe you or your employer got a little lazy.  Here's where things start to get murky and worlds collide.

Our imagined place of employment occurred in the nutmeg state of Connecticut.

You are a contractor, and you run your own corporation and bill corp-to-corp.  Congratulations, you figure you are protected from harm under a corporate umbrella and, should anything go awry, you can shut down your company and start again.  Maybe that might be true if it's a civil matter... but what if your work was based off of stolen Intellectual Property (IP) from someone else?  You may be wandering into criminal territory, particularly if it happens to be federal or, say, military.  What if you didn't know?  Does that matter?  What if it was a client of your client that did this, like a cousin once removed?  Does that change the nature of crime?

Let's change the scenario.

You are an employee instead.  Are you protected now?  Not necessarily.  Assuming you are a bit-head who just wants to write cool apps and you got caught in the middle, does that mean you are off the hook if you were ignorant of the circumstances?

Let's go to the next level.  You found out and reported this.  Supposed you are ignored.  As a contractor, things truly get murky at this point.  Are you ethically required to walk away?  Can you walk away?  What if there is a severe financial penalty for quitting early or for not finishing the project?

As an employee, you dutifully report your findings to you manager.  Nothing happens.  You might even be told to leave it be.  You then kick it up to HR.  Again, nothing.  What do you do now?  Now let's suppose that they try to "incentivize" you to leave by making it a hostile place to work.  Eventually you are "let go."  Can you do anything?  Connecticut is an at-will state, so not really.  You could pursue the hostile workplace issue, but that just paints a target on your back.  You could pursue Connecticut's whistleblower protection act, which makes termination illegal.  Even under those circumstances, if you win, are you still protected from criminal liability?

All we wanted was just to write "kool code."  All we got for our trouble was legalese in places where the sun don't shine.  Worse, this is where what should be a streamlined process across the country becomes a nightmare game of Whac-A-Mole.  Everything I laid out here is all state law context dependent.  We lack any federally mandated guidelines that define a clear set of coherent rules and policies by which we can figure out how to navigate this mess.

It gets worse.

I pointed out in my last article the dangers of the new Texas abortion law, where Texas lawmakers successfully managed to ban abortion in the state of Texas by end running the Constitution.  Here's how they did it: The new law allows any private citizen to sue Texas abortion providers who violate the law, as well as anyone who "aids or abets" a woman getting the procedure.

Imagine now a scheme where any state can pass laws allowing a vigilante citizen or group of disgruntled citizens or corporations to come after anyone who may be in violation knowingly or otherwise of patent or copyright law, be they contractor or employee of any state or territory in the United States.  You can run, but you cannot hide.

With the proliferation of software products and applications to countries around the globe, this has become an even bigger issue.  Think this doesn't affect you?  Let's take another look at your nifty app.  Let's say right before the war in Ukraine, you had arranged with a major distributor in the Russian Federation to sell and disseminate your application.  After the war began, sanctions kicked in, but you no longer have or maintain control of your application.  That doesn't change the "boots on the ground" reality that any sale of your application is in violation of the sanctions.

I'm no lawyer, nor do I profess to be.  I don't claim to have profound expertise in contract law, employment law, or even international trade law.  That's not the point of this exercise.  What I want the takeaway to be is why talking about laws and politics matter - why talking about more than just coding and algorithms matter.

I have been an avid reader of 2600 since pretty much the beginning.

Before 2600, I was an avid reader of TAP, and before that it was YIPL.  I suppose I've always assumed that the technical, political, and legal worlds were always intertwined.  I think, maybe, the problem might stem from what may seem like an obviously clear mission statement, especially to older readers, but might not actually be so.

Even the masthead, 2600 - The Hacker Quarterly, does not really capture the point and purpose of what the hacker community has always been about and even where it is going.  I've seen so many attempts to define the hacker spirit, the hacker ethos, etc.  While so many attempts have been made to define what hacking is, maybe it's high time we start to have a discussion about why we are engaged in this endeavor in the first place.

Allow me to start with a few talking points:

O.K., that's the low hanging fruit.

I think where we begin to deviate is how we define hack and hacker.  If we can let go of the "bits and bytes" and "geek" for a moment, it soon becomes immediately obvious that there have been reams of pages throughout the magazine written on privacy, on individual rights, and on challenges to the status quo.

Hardly the stuff of CPU cycles or JavaScript.

Let's look at how that plays out in the last year:

In short, if we have the skills, ability, and imagination to take flight with the former, it would seem a moral imperative to become the wheel of change for the latter.  I'm thinking that is the hacker ethic and spirit.

We live in an ever-changing dynamic reality - one of power and regime change, of war and pandemic - but one thing remains constant.

We are the voice for those that don't have a voice.
Return to $2600 Index