________________________________________________________________________________ !nt3rh4ckt!v!ty Part One by Jon McKenzie - 11/08/1999 [columns] Hacker Trading On the morning of April 7, 1999, the stock price of PairGain Technologies Inc. suddenly rose more than 30% amid rumors that the company was being acquired by an Israeli rival, ECI Telecom Ltd. The rumor of a buy-out of PairGain had been in the air for months, but that morning it caught fire on a Yahoo! finance bulletin board. Stacey Lawson, a 32-year-old female IT manager from Knoxville, posted a message about the buy-out along with a link to a Bloomberg News page that announced the story as well as quotations from the CEOs of PairGain and ECI. As rumors are want to do, the story of the buy-out traveled quickly, accelerated by cutting-edge information technology-there were mass e-mailings via a web service called Hotmail-and by good old fashioned speculative greed. In a short time, the price of PairGain skyrocketed and over 13 million shares of PairGain were traded that day on NASDAQ, about 700% higher than its daily average. But something was amiss. Investigators from NASDAQ and the Securities and Exchange Commission (SEC) suspected insider trading-in this case, insider information being leaked in order to dramatically increase the stock's value. The management of PairGain and ECI were contacted, but both denied being involved in any negotiations. For its part, Bloomsberg News also denied knowledge of the buy-out, and it was discovered that the report had actually been published on Angelfire.com, a site operated by Lycos. Smelling a hoax, investigators turned to Angelfire and to the Yahoo! bulletin board and started sniffing out the remnants of electronic shenanigans and digital chit-chat. Someone had apparently downloaded graphics from Bloomberg.com and used them to create a bogus web page reporting the buy-out; next a message was posted on Yahoo! with the link to the bogus news report and mass e-mails were launched through Hotmail. The FBI was called in, though by then the ploy's plot had become clear: invest in PairGain at one price, start a buy-out rumor using Hotmail and Yahoo!, "substantiate" it with a "news report," all in order to drive up the stock's price and then make a tidy profit by selling it off. By noon of the same day, news of the hoax had brought PairGain's price back down (though it ended the day up nearly 10%). A few days later, the gig was really up. Following the trail of IP addresses left at the sites of the hacks, FBI agents closed in on Gary Dale Hoke, a 25-year-old, mid-level engineer employed at PairGain's Raliegh, NC operation. He was arrested and charged with securities fraud. In June, Hoke pleaded guilty. He apparently acted alone. Hoke's hoax made headlines in both traditional and online media, and morals were quickly drawn up: old tricks can find new outlets-and new suckers-on the web, and covering your tracks in cyberspace is harder than you might think. But there are other lessons as well. Hoke's stated motive, for instance, was hardly illegal: personal gain, the maximization of utils, is considered a prime mover of stock market speculation. What was illegal were his means: the fraudulent dissemination of securities information. For those of us interested in interactivity-which may be situated at the limen of social and technological performance-the most pertinent lessons of the PairGain hoax lie in his techniques, namely, the creation of a digital avatar (an alias of Dale Hoke, Stacey Lawson enjoys tennis, dancing and water sports), the mimicry of a report by a leading financial news source ("ECI Telecom and PairGain Technologies, Inc. today jointly announced that they have entered into a definitive agreement"), the rumorological use of bulletin board and e-mail services ("GO PAIR!!!!")-and, perhaps most importantly, in the speed and ease with which all these techniques broke down. Hoke had applied his knowledge of online communities, telecom companies, and interactive multimedia in a project designed to hack his way to riches. In terms of this objective, he failed miserably, for not only will he do time in prison, his plea bargain commits him to repay millions of dollars to investors who lost money trading PairGain that day. But it appears it he did gain something: a place in interactive history. Though the SEC had previously brought charges against online investment sites for the practice of "pumping and dumping" (driving up prices and then unloading stocks), Dale Hoke will likely go down as the first person to commit this brand of security fraud. He is the world's first hacker trader. Interhacktivity These pages explore a certain combination of interactivity and hacking. Restricting myself to domain of the World Wide Web I will explore and examine this combination under the term interhacktivity. What is interhacktivity? To flesh out a response to this question, let's begin by examining its components. Web interactivity is often approached as a rather intimate exchange between an individual and a web site, the reciprocal feedback of human and computer behaviors. Even critiques of interactive alienation presuppose its intimacy. And, indeed, today's computer and web developers seek to make interactivity as individualized as possible. Drawing upon decades of research in human-computer interaction, they strive to create highly personalized interactions and unique online experiences. The entire new media industry-which includes web developers, software companies, game developers, computer and telecommunication companies-has put into gear a shift called for years ago by Brenda Laurel: to move from engineering interfaces to designing experiences. The result: at decade's end, web interactivity is more humanistic, more artistic, and much, much more profitable. But clicked into from another window, custom interfaces and personal experiences can be reloaded in different way: as highly orchestrated, highly replicable productions, something else new media companies know quite intimately since their business consists precisely of teams of corporate execs, programmers, engineers, researchers, designers, writers, and production managers, all working together to create these intimate interactions. Produced along the borders of cultural and technological systems, web interactivity is a sociotechnical performance before it is a human-computer interaction. Executives sign deals, engineers build systems, programmers hack code, producers pull it all off. Interactive scenarios arise from decisions about a web site's audience and functionality, about the "branding" of product and personal identities and the "look and feel" of their interactivity. To pregauge user interests and activity, researchers study related sites and may conduct surveys, interviews, and usability tests with in-house or specially-selected groups. Results are fed back into the user experience scenarios, which are refined as information architects design site structure and navigation paths, and these scenarios take shape as content strategists and information designers determine what information appears on each page and how it is presented. "Creatives"-multimedia artists, graphic designers, and writers-generate the sights and sounds and texts that animate the experience (or not). And last but not least, indeed, first and foremost, programmers and engineers craft the codes and systems through which people and machines digitally interact on the web. In short, while one can theorize interactivity as the exchange of inputs and outputs or stimuli and response, or, more poetically, as the co-creation of a unique experience between a person and a computer, there is no human-computer interaction that does not presuppose complex social and technological networks, and with them, the values and power setups they enable and are enabled by. It is precisely at this level that interactivity is hacked. The terms "hacker," "hacking," and "hack" all very widely in their deployment. "Hacker" can be fairly inclusive, referring to any computer programmer, and "hacking" may be used to mean simply writing code. Yet the terms "hacker," "hacking," and "hack" can also be very exclusive in their semantic range. Within the programming community, for instance, the term "hack" can refer to an inelegant, very effective, solution to a difficult programming problem. Hacks are mediocre, ad hoc responses or, if you prefer, ad hack solutions to situations that really require more creative rewriting of a program. But a hack can also be just the opposite: a brilliant bit of code. And there's another, far more widely-used, sense of hacking, one that, while still more exclusive than the original meaning, has entered into popular culture. Here hacking has become the digital version of breaking and entering-for starters-for it often refers to illegally gaining entrance to a computer system, such as a public web server or a private communications network, and then violating its databases or applications. A hacker in this sense is no longer someone who "simply" writes computer code. It's someone who infiltrates or "cracks" the programs and files of others. Within the hacker community, some distinguish hackers from crackers, defining hacker as one who writes code, and cracker as one who breaks or cracks them. These cracker hackers can and do write code, but their hacks are produced to get around firewalls, download documents, replace files, overwrite data and/or overload entire computer and communication systems. Combining this last sense of hacking with the notion that interactivity is a sociotechnical performance, we can define interhacktivity as interactivity that has been hacked, or has as its goal some sort of hacking. Coming at it from the other end, interhacktivity is hacking that focuses specifically on the interactivity between humans and computers. It is hacking that not only takes aim at technical systems, but also targets social systems. As such, interhacktivity shares certain affinities with propaganda, political discourse, consumer marketing, psychological warfare, education, activism, and confidence games. (A hack can also be a prank.) As an emblem of interhacktivity, the PairGain hoax involved using specific technical practices (e.g., the creation of a bogus news site and mass e-mailings) in order to hack a specific community, the users of the Yahoo! bulletin board and, more broadly, investors who utilize the web as part of their speculative strategy. Hoke had planned his scam for two months before putting it into action, and he chose his targets carefully. Yahoo! is one of the web's most popular portal or entry sites, and as such, its bulletin boards have a huge user base. His e-mails were also strategically targeted, being sent out to money managers and trading desks. Most importantly, Hoke sought to exploit the inherent rumorological tendencies of the investment community through a He did not actually start the rumor of a PairGain buy-out; he merely simulated its confirmation and then sat back to capitalize on the speculative effects of this simulation. In a sense, Hoke's interhacktivity drew upon an existing sociotechnical system in order to create a quasi-autonomous economy, one that, for a short time a least, performed better than he himself had foreseen. But in the end, he didn't capitalize on his scam. Though Hoke owned PairGain stock, its performance alarmed him and he didn't push the sell button. According to Christopher Painter, an assistant U.S. attorney, "Things got set in motion and he got cold feet" (Painter, cited by Gaw). His interhacktive system had frozen up. Interhacktivities, Major and Minor Perhaps the question is not really "what is interactivity?" or "what is hacking?" or even "what is interhacktivity?." Rather the most pressing query may be "which one?" For there are interactivities and interactivities, hacks and hacks, interhacktivities and interhacktivities. All are multiple and divided, for all are marked by internal differences, external situations, diverse evaluations and multiple power plays. Which interactivity? Which hack? Which interhacktivity? The challenge lies in sorting them all out while also engaging them critically and creatively. Here Deleuze and Guattari's distinction between major and minor becomes pertinent. "Major" and "minor" are terms they introduce to distinguish normative and mutational processes in art, science, and society at large. A major art, a major science, a major language is one that dominates a given sociotechnical system or tradition. The major is filled with Great Works, Great Men, Great Events. The minor, however, works against but also within the major. In theorizing the minor literature of Kafka, for instance, Deleuze and Guattari investigate 1) how Kafka experiments upon the major languages used in his native Czechoslovakia, transforming its senses into new and strange intensities; 2) how such experimentation is necessary but insufficient if it does not connect to a political immediacy; and 3) how Kafka's writing functions not so much as a social critique but as a "relay for a revolutionary machine-to-come," as a collective assemblage of enunciation already in contact with the future (16-18). Risks arise at each of these levels, not the least of which is falling back into the reading machines of major literature-its canons and periods, its genres and author-ities. Not only can a major language become minor, a minor literature can also be made major. This distinction between major and minor opens up several possibilities for theorizing interhacktivity. We can define the internet's rapid (and some would say complete) commercialization since the web's arrival as the emergence and consolidation of a major interactivity, the establishment of dominant communication channels and standards of behavior-both human and computer. What began as a national security project, matured as a research network and then blossomed strangely, briefly, in Mosaic bits of HTML, today finds itself overgrown by its progeny: e-commerce, webcasts, personalized experiences, transactivity. The scripting of user scenarios, the customizing of pages, the targeting of banner ads, the "driving" of content to users-such practices are coming to define web interactivity. But this major interactivity is also shaped by other sociotechnical systems clustered around the web, such as "traditional" media (especially television and telephonics), the stock market (especially the technology-laded NASDAQ), and state governments (particularly that of the U.S.). From this perspective, interhacktivity is a form of minor interactivity. By hacking into the major interactive practices promoted by internet service providers, corporate sites, and portal search engines, interhacktivity seeks to disrupt technical systems and detour the social experiences of users. Their codes are decoded and scrambled, their standard performances altered, sociotechnical systems may become disoriented, function wildly, even crash. The PairGain hoax, with its breach of security measures, its miming of discourses and practices, and its intervention in not one but several communities-offers an example of minor interactivity. Yet from another perspective, we can ask to what extent Dale Hoke's scheme constitutes a minor interactivity. He no doubt experimented with the discourse and practices of a recently established yet powerful sociotechnical system. But that's as far as this interhacktive intervention went. There is no evidence that Hoke sought to connect his experimentation to any political situation, much less use it to construct an assemblage that tunes in futural arrangements of power and resistance. This comes as no surprise, given Hoke's apparent motive of personal financial gain. So rather than simply define interhacktivity as minor interactivity, it may be more productive to also distinguish between major and minor interhacktivities. Major interhacktivity involves hacking the interactive network of a sociotechnical system, but that involvement either fails to challenge dominant societal norms or conforms to them, whether implicitly or explicitly. The PairGain hoax now offers itself as an example of major interhacktivity. Hoke recombined a number of existing discourses and practices to intervene in the sociotechnics of computer-enhanced investing. But although his hacking of an interactive network did violate a number of its protocols (and a Federal law), it did not transgress its underlying norm, a norm that increasingly characterizes more and more of American society: to make a profit in the stock market. By contrast, minor interhacktivity entails hacking the interactive workings of sociotechnical systems in order to challenge repressive situations and the norms that help produce them. One recent site of minor interhacktivity was the Bhabha Atomic Research Centre (BARC), India's premiere nuclear research facility. BARC had been crucial in the recent development of that country's atomic bomb capability. and shortly after the Indian government's series of five underground nuclear tests in May 1998, the site was infiltrated by first one, then two, then legions of hackers. Apparently, the first to enter was a certain t3k-9 (read "tech-nine"), a 15-year-old American who after learning of the nuclear tests on TV searched the web and discovered the BARC web site. Using a password cracker program, t3k-9 "cracked" into BARC's supposably secure server in less than a minute. Once inside, t3k-9 then downloaded all the passwords and log-in names, some e-mail messages and one souvenir scientific document, and before leaving, erased all tell-tale electronic footprints. t3k-9 also created a "backdoor" that would allow easy reentry. A short time later, t3k-9 confided the hack to an online friend and fellow hacker named IronLogik. IronLogik, an 18-year-old Serbian immigrant living in the U.S., carefully prepared his entrance into BARC by threading his way through numerous corporate, government, and military sites. He even picked up a new IP address from Los Alamos before using t3k-9's backdoor to enter the BARC servers. Once inside IronLogik established himself as a virtual system administrator, gaining almost total control of the network. He downloaded some e-mail and listened in on a few online conversations. Though he was tempted to enter BARC's internal intranet-where the highly sensitive material would be stored- IronLogik decided the risks were too great. Meanwhile, t3k-9 had posted the entire BARC password file, some 800 passwords, to other hackers. They wasted little time in entering the research facilities' computer system. One group, named milw0rm, methodically reeked havoc on the system and in doing so went public with the BARC hack. milw0rm is composed of teenage hackers who live in England, the Neatherlands, New Zealand, and the United States. Soon after t3k-9 posted the password list, milw0rm entered BARC and over the course of a few days gained control of six of its eight servers. Not content to lurk around the system, they also downloaded e-mail, but went a few steps further. The group erased the data on two servers and replaced BARC's homepage with one of their own design. It contained a message to the nation of India. The full text reads: oh gn0, like this is what happens if j00 play with atomic energy!#@! It g0es b00m"#@# so PLEEEZE, do not fuck around, didn't you parents ever teach you manners?.. I like the world in its current state (i guess), well its better than the world would be if the b0mb went b00m... think about it k1dz, its not clever, its not big, so don't think destruction is cool, coz its not.. If a nuclear war does start, you will be the first to scream..... You all saw the movie WARGAMES right? well...That could have been us$#@ So India, LISTEN TO WISE OLD MILW0RM...You do not need nuclear weapons in the 1990s!#@! STOP THE SH1T 0wned Savec0re - JF - VeNoMouS JF - Hamst0r - Keystoke - savec0re - ExtreemUK The Nuclear p0wer 0wn1ng spree continues... milw0rm's hack reverberated across diverse sociotechnical systems, not only those of BARC and other nuclear research facilities, but also intelligence agencies and diplomatic corps, arms control and activist communities, states and peoples, all of them communicating and interacting over the same network. In a June 3, 1998 interview, milw0rm members savec0re, VeNeMouS, and JF stated that they had entered the site through its Sendmail program and reiterated their protest against the Indian government's nuclear tests. "I'm just sick of nuclear shit," said VeNeMouS. The three also threatened to infiltrate the Pakistani government sites as well. After first denying the hacks, BARC officials the next day confirmed that their computer systems had been infiltrated. Over five megabytes of e-mail was downloaded. BARC also announced that a second group of hackers had attacked the web site, this time leaving this message. "This page has been hacked in protest of a nuclear race between the India, Pakistan and China. It is the world's concern that such actions must be put to end since, nobody wants yet another world war. I hope you understand that our intentions were good, thus no damage has been done to this system. No files have been copied or deleted, and main file has been just renamed." BARC closed down its site temporarily and upgraded its security. The cracking of Bhabha Atomic Research Centre generated countermeasures elsewhere and unleashed heated debate about nuclear proliferation, cyberterrorism, information security, and hacker ethics. The U.S. Army issued a warning to its own information systems managers to monitor and block suspected IP addresses identified in the BARC hack. An editorial by ZDNet, a popular site which also houses Inter@ctive Week, denounced the hackers' actions on the grounds that they had denied information to U.S. intelligence agencies while benefiting the "real terrorists." For their part, milw0rm members stated that their purpose was to draw attention to the lax security around some nuclear research sites. "If you're gonna amass data which can take [so] many lives," said savec0re, "at least secure it." The hacker and activist communities were each divided, programmers over whether the hacker ethics (in two tablets: "information wants to be free" and "thou shall not destroy data") had or had not been violated, the activists over the hack's overall efficacy as well as the electronics of "by any means necessary." Even the hacktivists who cracked BARC were split. IronLogik disparaged milw0rm for destroying documents, defacing the homepage, and taking credit due to himself and t3k-9. The BARC and PairGain incidents are both highly interhacktive. In each case, codes and behaviors of specific infrastructures were cracked in order to hack the words and behaviors of their social interactors. In each case, a hacking of interactivity occurred that altered, for however briefly, one or more sociotechnical systems. Beyond this, the two hacks diverge, allowing us to flesh out major and minor interhacktivities in more detail. With PairGain, the hack created a small, detoured market for the purpose of making some tidy profits, while at BARC the hack took over the controls of a government computer facility in order to protest the facility's role in nuclear weapons tests. Unlike the PairGain hoax, the BARC incident connected to an immediate political situation-the arms race in Asia and the world. milw0rm attempted to maintain the protest's momentum by a "mass hack," replacing some 300 homepages (ranging from business and sports sites, to porn and fan sites) with a protest page. It is this linking, this seizing of a political moment, that marks minor interhacktivity. (End of Part One) A Scene from The Electronic Disturbance Theater's Book: Hacktivism: network_art_activism. Coming Soon to a Theater Near You!! BARC © THE THING 1998 ________________________________________________________________________________ no copyright 1999 rolux.org - no commercial use without permission. is a moderated mailing list for the advancement of minor criticism. more information: mail to: majordomo@rolux.org, subject line: , message body: info. further questions: mail to: rolux-owner@rolux.org. archive: http://www.rolux.org