GOING DOWN *-------< This article first appeared in "Iron Feather Journal" #14--March 1995. I have been reading and on occasion writing for IFJ since 1989. It is an excellent underground/techno/hacker/etc resource guide that can be obtained by contacting sprother@nyx.cs.du.edu or sending $5 to Steve Prothero, P.O. Box 1905, Boulder, CO 80306-1905. RECOMMENDED. *-------> What is a hacker? Are they really such bad people? Or do they just use the knowledge they have to gain more knowledge. Perhaps it is curiosity which makes them exploit a system for its worth. If you knew how to make free long distance calls you probably would too. Hackers usually know things like that. There are too many types of hackers to name. Some call themselves Elite and will not share anything; others, well they will help just about anyone. A pirate is someone who deals in copyrighted software. Similar to hackers there are various degrees of pirates. One could categorize a hacker in the same group as a pirate though. But really, it is not a complicated system and there are many good people out there--hackers and pirates. Pirates give and take software that companies usually charge a tremendous price for. Software companies try to blame the high price on hackers but we all know that is not true. If so then please explain to me how SEGA and NINTENDO cartridges cost $40-$70? It is not because of pirates! The hardware probably amounts to less then $10 per cartridge. If you saw a $20 bill on the ground you would probably consider picking it up. Well, pirates see software at certain BBS's or parties, or ftp sites and take what they can. About half (or more) of all the software a pirate gets is hardly used--who would want to pay for that. It is useless trying to justify pirating but the gist is many people do it to check out software. I agree with many hackers when they mention testing the software and if you use it a lot then go ahead and buy it. Of course I must admit it is mighty difficult buying something you already have. Below is a TRUE story about leaving a nasty paper trail. One sunny fall day early in the college semester day I got a call setting up an appointment for me to meet with the undergraduate advisor of my college. I thought for a moment and wondered what it could be for? Perhaps I would make the honor society and he was going to congratulate me on my excellent previous semester--I was only .005 away from being a member. Or perhaps the call was because I won some kind of award or scholarship. A thought of being commissioned for an art project even crossed my mind. I really was not sure what the meeting was going to be about which essentially caused a certain fear/excitement to dwell within my gut. Finally the meeting day arrived. Just before the meeting I was pulling some cool software (read "pirate") from a ftp site. I walked around, took a leak and went off to the meeting place. Three other people were there as well, apparently to meet with the same person also. Humm, I wondered. The advisor came out, we all greeted each other and I actually said "Humm, I wonder where I fit in here." The door closed the five of us in. There was me, the advisor, the system manager of the network (Unix), and two other fellows--security people? The main "security" person stated that what he had to say was kind of awkward and he did not know how to say it. He then laid a piece of paper containing information about a certain site (ftp site) in front of me. Right then I knew things worsened and the situation of why I was there came into focus. The paper contained a message I had posted to the USENET about a special ftp site (not related to commercial software) in numerical form. I was asked if I "posted" the message or had a hacker taken control of the account. Well, certainly the option for an excuse was opened but I decided to stick with the truth. I told everyone the message was posted to draw attention to the "special" ftp site not the "pirate" section. Of course, leaving out the PATH to the "special" section in the post did not help my case but they seemed to accept my explanation. The bad thing was I had realized there was a pirate site within the same subdirectory but accessible through a different path. They probably figured I was attempting to promote a pirate site which was definitely not the intention. Right there I learned the valuable lesson that Big Brother is always present! The main security person seemed concerned about the certain directory that promoted (or looked to promote) pirated/cracked software. Fingers were pointing to me. "Who created it? Did you?" Well, certainly I did not as I had an unauthorized ftp site there and hoped the pirate site would not interfere. Well, in the end it did. "This is a violation of the state computer crime's act." The main guy said. "We have a problem." "If it happens again there will be a bigger problem and the law will be involved." Boy oh boy, I thought, what have I gotten myself into. I did not do it! I did not create the suspicious directory! The meeting ended with the security people asking the system maintainer for a copy of the ftp system log and to find out who created the "special" directory. I left promptly and got rid of any "bad" stuff on my accounts. Who knew what those security people did or would do now? If they monitored the newsreader, perhaps they monitored people's accounts, perhaps their mail. EPILOGUE The next few days after the meeting I was paranoid. I would be more suspicious, more observant, and I even went so far as to minimize all my "pirate" stuff and reduced my "pirate" ftp intake to zero. There is a 10-copy felony somewhere on the law books and I surly did not need that before starting my career life so I cleaned up. I later heard some people were busted at the University I attended for dealing with "pirated" stuff that semester. I somehow suspect the meeting I attended was a direct result of this bust but I received no evidence to support this opinion (i.e., they had to find someone to make an example of). The moral of the story is that "these people" can easily point fingers, incriminate, incarcerate, and ruin ones "future" on speculation alone--hey, they could have easily done it to me because of the post. One does not need to be proven guilty in this society--if it hits the media and people see you then you ARE guilty. Best bet is to cover your tracks because if they have no evidence--well we know the law. Unfortunately people have the wrong idea about hackers, pirates, and the computer underground. Be sure not to judge a book by its cover nor always believe the "story teller" because there are good "computer" people out there, including myself, whose intentions were and still are to help. -Pallbearer