Forwarded From: Nicholas Charles Brawn <ncb05@uow.edu.au>
24Jun98 UK: HACKERS FIGHT NET MONSTERS.
By Adam Barnard.
A new breed of hackers who use their codebreaking skills to crack down on
paedophiles and child pornographers on the Internet could help those
campaigning to make the Net safe for children.
Hackers were once the scourge of the computing world, reviled as anarchists
on a trail of wanton electronic destruction. Now they are joining forces
and forming secret societies to combat the people they accuse of posting
child pornography on the Web and trying to procure youths in chat rooms.
StRyKe (as he is known) is typical. By day an electronic systems specialist
in Cumbria, the 25-year-old hacker spends evenings and weekends furthering
the cause of his Internet Combat Group (ICG). Formed last year, the group's
15 members are united in two areas - their skills with the keyboard, and
their hatred of people who exploit children. "It makes me sick," says
StRyKe, his Lakeland tones giving way to an angry snarl. "These people are
animals. They commit the worst sort of evil. There is no such thing as a
good paedophile."
The ICG is the first group of its kind to emerge in the UK, following a
series of similar groups in America who report that only by breaking into
the computer systems of alleged paedophiles can their locations be traced
and their activities stopped.
Although the processes involved are usually illegal, police in America
accept information passed on to them on a "no questions asked" basis.
Scotland Yard also says it will act on any information - no matter where it
comes from.
Suddenly hackers, who once occupied themselves with distributing pirated
software, breaking into bank accounts and lifting classified information
>from defence networks, are taking on new ethical responsibilities. One
American group has gone so far as to christen itself Ethical Hackers
Against Paedophilia.
"I do think of myself as moral," says StRyKe. "The traditional image of a
hacker is no longer a valid one. I don't attack anyone who doesn't deserve
it. We are talking about people who deliberately harm minors."
The problems are well known. Paedophiles, rejected by society, have found
sanctuary in the anonymity of the online world, where users can disguise
their name, age and location. The Internet Watch Foundation, Britain's
Internet watchdog, reports a trade of tens of thousands of pictures on the
Web and on newsgroups, some of children as young as seven involved in
sexual acts. Others use e-mail and chat rooms to lure children into the
open, a practice known as "enticement".
The difficulty facing police is that it is often impossible to trace people
who post pictures and talk to children because the Internet makes it so
easy for users to disguise themselves in layers of networks and routers.
Child pornographers and child abusers have been able to communicate freely.
But hackers like StRyKe hope they may finally reverse the trend. By using a
host of advanced code-cracking techniques they are waging war against
paedophiles, tracing their identities, attacking their computers and
removing the pictures they post.
StRyKe says he started his crusade after stumbling on a link to a child
porn site in a hacking newsgroup. "It was an Amsterdam site which offered
pictures of little boys and girls," he says. "It was pretty horrendous."
He reported the website to the service provider who carried its files, but
"they didn't care. Those people never do anything."
Shocked into action by what he had seen and frustrated by the apa thy of
others, he turned to hacking.
"I am fully aware that what I do is illegal," he says. "But I'm careful,
and if I think I can get away with something I'll do it. I risk being
banned from computers, fined and sent to jail, but if people are using a
computer for something illegal it is indefensible. If you don't break the
law, you don't get the results."
StRyKe's first goal is to identify and locate suspected paedophiles. "There
are ways of pinning down where they are working from, even if they have
tried to disguise their identity," he says. He uses techniques with names
such as "pinging" and "fingering" to trace users back to their original
Internet service provider.
"Once you have traced the path they take, you can use search engines and
other methods to find a person's e-mail address and then learn their real
name and address."
Another option is to attack suspected paedophiles' computers to discourage
them from logging on. "You can 'bomb' them, and there is a flaw in Windows
95 which you can take advantage of to lock up their system. You can knock
them off-line."
An Australian hacking friend wrote a virus - appropriately named
Codebreaker - for StRyKe and his colleagues. "It will wipe a computer
clean," says StRyKe with palpable excitement. "It will take over the hard
disk and destroy all the pictures.
"Anything is possible. You can delete pictures posted on newsgroups and
change what's on a website. You can take over a chat room and then ban
everyone from it. You can even shut down an entire system. It's all a
question of knowing how.
"I'll do anything if I think it will ultimately help to protect children."
Critics of StRyKe's tactics claim that legal methods work just as well.
David Kerr, chief executive of the Internet Watch Foundation, which has the
support of the Home Office and the Department of Trade and Industry, argues
that there are things his organisation can do that hackers cannot. "While
we sympathise with their motives we can't condone what hackers do," he
says.
"We have a general brief against illegal activity on the Net and that
includes hacking. There are legal ways of dealing with the problem, even if
these methods can seem laborious and slow. Hackers may be able to do more
damage but they are not as well connected to the police, which is
ultimately what matters."
It is often hard for hackers to find out whether their information has
helped police. But American groups such as the Ethical Hackers Against
Paedophilia insist they are already making a difference, and the FBI has
gone on record supporting the practice.
But even StRyKe concedes that hackers may never entirely rid the Internet
of child abuse. "It is almost an impossible battle," he admits.
"But if you stop one person from harming one child then it's been worth it.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Mon Jun 29 10:25:45 1998