http://www.washingtonpost.com/wp-dyn/articles/A25357-2001Apr16.html
By Ariana Eunjung Cha
Washington Post Staff Writer
Tuesday, April 17, 2001; Page E01
At age 3, Patrick Roanhouse got his first computer. At 7, he figured
out how to construct a modem out of scrap parts. By 14, he was running
around cyberspace under the alias "Anarchist" and working up all sorts
of havoc.
Then he met the 2600 Club.
The group, which publishes a popular hacker magazine, has an almost
mythical reputation. It has been investigated by the Secret Service
and has inspired monthly gatherings in more than 100 cities around the
world. In the early 1990s, one of those meetings, held at the Fashion
Centre at Pentagon City's food court, was busted up in a highly
publicized raid by police, who confiscated several bags of computer
books and printouts. Most recently, it was sued by the entertainment
industry for publishing code that lets users crack the supposedly
impregnable DVD format.
Patrick thought 2600 would teach him how to hack. Instead, it taught
him about job hunting, stock options and business plans.
"They have been a really good influence, and that's rather funny given
their reputation," his mother, Terry Roanhouse, said in a recent
interview. She and her husband, Michael, credit the elder 2600 members
with motivating their son, now 16, to do better in school and try to
start his own computer consulting company.
Without 2600, Patrick says he would "probably be one of those
pot-smoking, crack-sniffing guys who gave up on life a long time ago."
Club members still draw the attention of authorities. But the
perception that 2600 meetings are solely a place where hackers
exchange trade secrets and plot electronic break-ins is exaggerated,
or at least outdated, say technology experts such as Stuart McClure,
author of "Hacking Exposed," a kind of textbook about how to secure a
computer network.
"They are mostly just kids who want to learn about technologies and
push the boundaries of the law," he said. "But in general they are not
the threat that everyone sees them as."
Mike Godwin, former staff attorney of the Electronic Frontier
Foundation, agrees: "There's no doubt in my mind that the clubs have
done more good than harm, in that they've encouraged kids to develop
their knowledge and computer skills."
In many respects, the dot-com revolution of the past few years is
responsible for the transformation.
The explosion of e-commerce, e-banking and e-everything else in the
past few years has elevated hackers from ragtag renegades to
sought-after professionals. It has brought them new jobs, money and
respect. It's also given them a different perspective on hacking, one
that they're passing on to younger counterparts.
Among the senior members of the 2600 group in Washington who have
found themselves in this situation are Guy Montag, 39, an information
systems analyst who works for a government contracting company; Paul
Watson, 32, who used to work in the special investigations unit of the
Air Force doing computer counterespionage projects; and Michael Shoupe
(aka Roadie), 39, part of an elite systems security team at PSINet
Inc.
A member of a rogue motorcycle group, Shoupe used to make ends meet by
working as a disc jockey in a strip bar, among other odd jobs. After
being jailed for various computer crimes, Shoupe decided that he could
do better for himself by putting his electronic skills to legal use.
He started reading self-help books such as the "The 7 Habits of Highly
Effective People" and became a devout follower of motivational speaker
Anthony Robbins.
He set up the Hackers Defense Foundation, an advocacy and education
group, and landed several lucrative job offers from some of the
world's most successful technology companies. Shoupe traded in his
beat-up 1985 Honda, the one with duct tape on the fender, for a black
BMW.
His influence with the youngsters doesn't come from preaching or
lecturing. He simply talks freely about his rough-and-tumble past and
lets the teens make their own decisions about the consequences of the
mischief he produced.
A moral lesson during a recent 2600 meeting in Arlington is a case in
point.
Surrounded by five open-mouthed teens, Shoupe detailed how he would
mess with the phone lines so he could get free calls, and then move on
to other exploits. Many of the kids have memorized the epilogue of
such cases -- jail time, a stiff fine, community service and a felony
record. But the stories were fresh toa couple of teenage boys, one of
whom mumbled, "I thought about doing that."
Shoupe stared the boys down for a few seconds and said simply, "I
wouldn't recommend it." Then, with a shake of his gray-streaked
ponytail, he disappeared into the crowd.
A Loyal Following The group takes its name from the 2,600-hertz tone
some automated telephone networks once used to connect calls -- a
frequency early hackers learned to repeat so they could make phone
calls without paying for them. The club was founded in 1984 when the
first edition of its quarterly magazine for hackers was published. It
gained a loyal following of fans -- and law enforcement officials --
when it rallied behind Kevin Mitnick, who once was described as the
FBI's "most wanted" cyber-criminal for his online exploits.
Recently, a federal judge in New York ruled that the magazine was
guilty of copyright infringement for posting on its Web site some
computer code that allows people to copy encrypted DVD movies. The
magazine's editor, Eric Corley, aka Emmanuel Goldstein, has said that
the publication of the program is protected by the First Amendment and
is appealing.
The meetings, which take place at 5 p.m. on the first Friday of every
month, are always informal, held in public places and open to all. You
don't join 2600, you just show up. They're part party, part hobbyists
club, part schools for the gifted and part programs for at-risk youth.
The participants range in age from 12 to older than 60, from punkish
teens to balding men in suits. Nearly all are male.
When Patrick first showed up, he brought his father, a federal
government official with a law degree who says he knows "absolutely
nothing" about computers. He was there as a chaperon.
At that time, Patrick describes himself as awkward. He says he was
frequently "dogged" by his classmates because his family wasn't as
rich as others in his neighborhood and because of he was large for his
age (he now is 6 feet 5 inches tall).
"I had a lot of pent-up anger when it came to school and I became
malicious," he said. With what he says is only slight exaggeration, he
summed up his daily activities back then: "My mom thought I was
playing Sesame Street Grover's ABC, but instead I was hacking into the
Chinese government."
He says 2600 taught him the "hacker ethic," a value system that
attempts to define what's acceptable and what's going over the top in
the digital world. That is, probing systems to learn about their
vulnerabilities is okay as long as no damage is done, but flooding
sites such as Yahoo, Amazon and eBay with fake packets of data to
block legitimate users out is just plain stupid, Patrick said.
As the months passed, Patrick's parents said that finding older
mentors and computer-savvy peers at 2600 made him mature quickly.
Patrick, whose rosy cheeks make him look like he's always laughing and
happy, is now considered one of the most outgoing and confident teens
who show up at the meetings.
"He's got Unix skills as well as an eye for Web design and this
awesome curiosity. He's going to make some company really happy
someday," said Shoupe, who has been advising Patrick about how to go
about finding an internship.
Another regular at 2600 meetings, 17-year-old Stephen, gives this
reason for attending: "I try to talk to college and working people who
do computer science. I try to get advice on what to study and focus so
I can have a good job when I graduate. . . . I just try to leech
information off wiser people so I know what to avoid and what to do."
Club Talk
At a recent Friday meeting, Patrick was busy trying to get some advice
about his idea for a company. He and two friends have come up with a
plan to sell their services of laying computer cable in new homes
throughout Maryland.
"Hey," he called to one in particular. "Anyone want to invest some
money in some promising kids?"
Most of the old-timers laughed, but Shoupe suggested that Patrick
might start with an internship first. He once offered Patrick a job
updating the Hackerz.org site for the defense foundation, but the teen
had to pass because his online connection at home was so slow.
Among the tidbits of wisdom Shoupe offered up:
* Hacker friends are the best sources about openings. Use them often.
* When negotiating a salary, "pick a number and hold your
ground." More than a few 2600 members have received first-time
offers of as high as $80,000.
* Stock options are pretty useless nowadays given the stock market
crash, but "go for it" if you're a big gambler.
Dozens of other conversations are are taking place simultaneously
among the 2600 members standing and sitting in the corner of the
mall's food court.
Some are gathered around a guy sporting a black vest with gadgets
sticking out all over.
A few feet away, Montag is joking about a woman who showed up to the
2600 meetings a couple of times and then disappeared. "I wonder what
happened to FBI chick," he says, using the nickname he gave her
because she claimed to work for the agency, a claim that many were
skeptical of. The woman kept asking people to attack the computer
systems at her former boyfriend's company. Perhaps 10 years ago,
someone would have taken her up on the challenge. These days, such
requests are met with laughter.
But all is not innocent at 2600.
In a corner removed from the rest of the group, Watson and another man
were huddled together discussing what annoys them the most about the
modern Internet -- the banner ads. They were trying to come up with a
way to "solve" that problem. They talk about whether it would be
possible to intercept the ads and replace them with the words "Free
the Net!" Or maybe the easiest way to make them disappear would be
would be just to bring down the server computers for DoubleClick, the
company that manages much of the Internet's advertising.
"If we could find a way to get rid of those ads for a week we'd be the
heroes of the Internet," Watson said.
These kinds of theoretical technical analyses are common at 2600, a
mind exercise of sorts, even though most people say they would never
consider carrying out the attacks.
A few days after the 2600 meeting, however, DoubleClick officials said
they had been a victim of break-ins that "minimally disrupted" its
services.
Watson and his friend say they weren't involved. Asked whether they
figured out how a way to thwart online banner ads, Watson said yes,
they've concluded it's feasible.
But would they do it?
"Of course not," he said after a pause. "That would be illegal."
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Tue Apr 17 04:48 CDT 2001