-= 1 =-
I am 36 years old. I currently live in a small town in Northern California, but grew up in a semi-large city of just under two-hundred thousand people. I’m married and have two children. I own my own I.T. business where I support and maintain small business computer networks. I am a musician. I work. I spend time with my family. I indulge in music, art… and pursue a few different dreams, projects and personal life goals. I guess you could say I’m “pretty normal”.
I’ve worked hard throughout my life to ensure, as much as possible, that I am ultimately in control of my own life.
Like I said, I’m in the I.T. profession. But even before I started my career, I was constantly immersed in technology. I was a computer geek before being a geek was cool. Right behind me, in fact, is a Commodore 64 setup – a computer reminiscent of my very early childhood, complete with some of the video games I used to play. It is a nostalgic representation of the start of my love affair with computers.
-= 2 =-
As I grew up in the early 1990’s I became interested in what some might call the “digital underground”. Back then, before the Internet was a common household utility, this meant calling online bulletin board systems with my computer’s modem. BBSes were independently run systems belonging to geeks like me, places you could log-on and communicate with others that shared a common interest (usually relating to technology). They were essentially places you could send messages to others, play games and download files that others had uploaded to share. I like to think of BBSes as part of the digital “golden age”. Every board was an island, a separate country – ruled by those who created them and, in the vast majority of cases run for free with the sole intention of sharing and communicating.
For the most part, BBSes gave you anonymity. When you signed up for an account on a BBS, one of the first things you chose was an “alias”, a “handle”. Handles were your identity on that particular board. For the vast majority of BBSers, your handle was not your real name. The reason for this was actually the basis of why most people called BBSes in the first place – to be able to be someone different than who they were in real life. For me and many of my digital peers growing up, my handle was just as important as my real name – and in some ways more important. Who I was online was who I wanted to be in real life as a teenager, but couldn’t; someone who was respected for who I was on the inside and not primarily by physical appearance or social status.
Having an online handle also gave me self-esteem in real life. It provided me with an identity that I could fall back on and allowed me to conduct my real life with a bit more strength and sense of worth. I still use the primary alias I created and used on most BBSes in 1993 for my personal e-mail address and consider it just as much of a real name as my legal one, even if now as a nostalgic reminder of a time when I could escape the real world and be who I was without fear of ridicule. If someone was behind me and called out to me by my alias today, I would turn my head without hesitation.
-= 3 =-
Besides simply having fun and interacting with others like me, I used BBSes to learn about technology. One of the things I was most interested in, and still am, is computer security. Possibly the start of this fascination was before I even discovered the BBS. When I was 11 years old and a friend had come over to play, we walked into my living room and he saw my Commodore 64 computer on the floor next to our large, wooden-cased television set. He widened his eyes, looked at me and said, “Dude – you could hack into a bank with one of these!” My eyes widened as well when he said that, and my adolescent imagination started running wild. I had no idea computers could be used to access other computers. A couple of years later, I became officially hooked on computer to computer communication when a friend and I called our first BBS late one night and thought we had somehow accidentally accessed a secret government mainframe. “WHAT IS YOUR NAME: ” It prompted. We looked at each other in confusion. We gave a fake name. “WHAT IS YOUR LAST NAME: ” ….I hung up and immediately unplugged the phone line from the wall. I was scared to death at first, but underneath that fear was a boiling excitement that never really left me; that drove me to learn more and more as the years went on.
On BBSes, “hackers” were just about the highest rank in the hierarchy of users. If others considered you a hacker, you were “elite” – a few steps above the normal user. You possessed knowledge many other BBSers wanted. You were a knight in the digital domain. You were looked up to, sought after and even feared by some. The Mentor’s “The Conscience of a Hacker”, written in 1986, was something that when read made you proud to consider yourself a part of hacker culture. System Operators (SysOps) became hackers if they wanted to successfully defend their BBSes against the bad guys – the “Black Hats”.
Black Hats are hackers with ill intention. In the BBS days, they sought to cause destruction, delete or modify files, to completely dismantle boards – usually to gain what they believed was respect, but in actuality was mostly hatred by the rest of the BBS community.
“White Hats”, on the other hand, are hackers that secure their systems and help others secure theirs. Their primary motivation is to learn as much as possible about computer and network security, and to help others learn as well. Back then, if White Hats hacked other BBSes, it was simply to prove to themselves and others that they could do it, and would not delete files or otherwise cause harm (besides maybe leaving a simple ‘calling card’ such as a message that would be displayed to other callers claiming their hack). Other hackers considered themselves “Grey Hats” – those who dabble in both good and evil. A Luke Skywalker and a Darth Vader rolled into one, if you will.
Most good intentioned SysOps wanted not only to defend their BBSes against Black Hats, but to protect themselves and their users against the danger of law enforcement overreach. Back then, government agencies were creating accounts on BBSes for the sole purpose of investigating them – and taking them down if they felt they were breaking the law. The “illegal” content on boards was usually nothing more than text files that taught you how to hack or software that aided in doing so, such as scripts and programs that other users created themselves. Some boards (called “Pirate” or “Warez” boards) hosted illegal software, such as commercial applications that were cracked to allow you to use it without paying for it. These were in stark contrast to purely hacking-centered boards, and though the pirate and hacking communities many times intermingled they were looked at very differently from each other.
From the SysOp’s perspective, law enforcement’s sole purpose was to hinder the process of learning and sharing. By secretively infiltrating their BBSes, raiding their homes, arresting them, seizing their computers and causing real life devastation, they were seen as an enemy of freedom. They were the biggest threat to independently run digital worlds. Many boards had disclaimers at time of sign-up that if you were an employee of a law enforcement agency, you must inform the SysOp before you gained access. The reason for this was simple; to let cops know that you knew they were likely there for the sole purpose of invading the privacy of your userbase and to attempt to take away what had been built with care and the purpose of helping others learn more about computers.
-= 4 =-
These days, my focus is on the Internet. To me, having grown up online before most people knew what “online” meant, the Internet is simply the largest BBS in the world. Everyone and their grandma is a user. There’s a message base for any topic, file sections for just about anything you could ever imagine and online games that allow you to forget, just for a bit, the difficulties and stresses of real life.
But the Internet is much more than just for having fun. Business depend on it to function and communicate. It is now used in almost every aspect of modern life, from medicine to military. At its core, though, it is simply a worldwide network of computers. It is not biased toward any particular use or intention of its users. It exists to facilitate whatever needs its users can come up with.
And to me, unfortunately, law enforcement is an increasing threat to the basis of what the Internet means and is capable of. Don’t get me wrong, I understand that their intentions are good. I know that they feel they must protect e-commerce, governmental integrity, corporate interests…but their inability to understand what the Internet really is causes their actions to undermine some of its most important virtues of all of its users.
One of my main concerns about digital freedom is that many countries’ federal governments have not only the technical ability, but the increasingly LEGAL ability to hack into innocent peoples’ belongings. To hack my computers, my smartphone, my wife’s smartphone. My children’s video game systems (which have integrated cameras and microphones, which require a connection to the Internet simply to function). I look at laws being passed and see the potential for widespread abuse by the few that are legally allowed to exploit them. I feel like I should move my copy of “1984” to the non-fiction part of my bookshelf.
I do what I can to defend myself and my family against these potential intrusions. I have a strong firewall between the Internet and my home network. I use an anonymizing VPN service which masks my true IP address associated with my Internet service provider and provides an encrypted tunnel between me and the VPN service itself (which I trust more than my ISP, unfortunately). I run open source software everywhere I can and always make sure each device is up to date with security patches. I even employ low-tech solutions like placing black tape over camera lenses when I’m not using them. Little can be done to microphones unless I physically open up the electronics and cut the connection, because black tape won’t stop acoustic waves from getting to ultra-sensitive microphones underneath. I must trust my other methods of protection to be ‘good enough’ to prevent threats I cannot myself eliminate.
But all of these things can’t stop the most resourceful Black Hats from invading my personal space and the personal space of those I care about. I fear there is still nothing stopping nation states, including my own, from using known and undisclosed security vulnerabilities in computers and devices I have on my network to intrude on my freedom of privacy. Even one vulnerability, say in a connected game system, could potentially allow an attacker to tunnel in past my firewall into it and then attack my entire network from the inside. Covertly activating microphones, webcams, keyloggers, screengrabbers is much easier when you’ve got direct access to the device.
Not only is privacy in jeopardy, but the battle against online anonymity is growing. Many social networking sites try to force you to use your real name. There are laws in the legal pipeline attempting to make it illegal to use anonymizing VPN providers, or to assume you are a criminal simply by using one and using that assumption to legally hack you. Many high profile web sites and services disallow access simply by using a VPN-associated IP address or Tor (such as Hulu, Netflix, and many online commerce sites like Target.com). I understand that many are simply protecting themselves against criminals that use these anonymizing services to mask an attack, but a blanket reaction like blocking entire IP subnets is sloppy and overreaching at best. Why deny access to all of your customers that wish to practice digital security simply because a few bad apples use those same services as a way to attack you? That’s akin to outlawing all airplanes because of what happened on 9/11.
-= 5 =-
I don’t know what the future holds. What I do know is that some very basic human rights are currently being allowed to be tossed to the wayside by spreading fear, uncertainty and doubt to the masses. As the world becomes more dependent on the Internet for matters of modern life, the personal freedoms we all deserve seem to be darkening, shriveling, and fading to black. I feel the reason this is being allowed to happen is that most people don’t understand the technology they depend on, and therefore assume that the anti-hacker, terror-esque propaganda being spread about by greedy and naive governments and corporations is all true and must be stopped at all costs. These costs unfortunately include the right to individual privacy, anonymity and security. What people, in my humble opinion, must remember is that governments and corporations are still made up of people. And while many White Hats are employed by security agencies and corporate I.T. departments to secure their (and their clients’) assets, there are likely just as many Black Hats being employed which are circumventing these rights for their own benefit and the benefit of their employers.
We must, as a people, stand up once more for what we all deserve in life, which is peace of mind without compromise.