SAN FRANCISCO (06/15/2000) - I was at a conference recently talking with the CEO of a computer security company who emphatically stated, "We don't hire hackers." Curious, I asked if she meant that her company doesn't hire people with criminal records. She clarified: "We don't hire people who attend DefCon, have online handles, or who participate in hacker forums. Or who hang around with hackers." In other words, her company doesn't hire people who don't conform to the mainstream. I wonder how she and her HR department determine which job candidates are associating with undesirables?
Is that perhaps why the term hacker is so controversial? Because hackers don't conform? The US Founding Fathers didn't conform, either. Down through the ages, any group that didn't conform to mainstream society was subject to various forms of persecution: the Inquisition, the Salem witch trials and, more recently, the McCarthy hearings.
It's rather ironic that the United States, which was founded on the principles of accepting diversity, supported McCarthy's modern version of a witch hunt.
It's comforting to look back on those days of investigating subversives as a black moment in the history of democracy, from which we have thankfully learned a lesson.
But have we? The June issue of Vanity Fair has an article by Bryan Burrough titled "Invisible Enemies." According to the editor, this is supposed to be an article detailing "high-tech procedural detective work." In reality, it is nothing more than a sensationalist, good-versus-evil script filled with the sort of cheap stereotyping found in TV movies. Perhaps that was what Burrough was looking for in the first place. Who cares about the facts? After all, this is Vanity Fair -- entertainment, not real news.
I care. I care because I work in an industry where I have to deal with the consequences of this stereotyping. Burrough picked up on the squeaky-clean image of J.P. Vranesevich, founder of AntiOnline, and cast him as the Hero of this little melodrama. It doesn't matter that Vranesevich is nothing more than a paid snitch with limited technical ability; he looks wholesome. He fits the part of Upstanding American Youth.
Burrough chose Vranesevich's harshest critic, Attrition.org founder Brian Martin, to play the Villain. After all, Brian looks like he just stepped off the set of The Crow and hangs around with subversives. It doesn't matter that he is a six-year veteran of the professional security field and has the respect of law enforcement and journalists. He looks dangerous. He fits the part of the Evil Hax0r.
I won't get into the specifics of everything that's wrong with this 10,000-word article (though the fact that it is 10,000 words too long is its first problem). Brian posted a rebuttal on the Attrition site that addresses some of the issues.
"But", a techie might argue, "what do I care? I just want to know about the latest product releases and bugs. I don't care about that other stuff." Well, upper management does, and, like it or not, mangers set the policies that govern how the techies play with the bits and bytes. Do you really want your managers to decide what nightclubs are acceptable for you and your fellow employees, and dictate the sort of person with whom you may associate?
"Oh, that'll never happen," you might say. Yeah. And we didn't think McCarthyism could happen here either. McCarthyism isn't dead -- it's just found a new target.
About the author
Carole Fennelly is a partner in Wizard's Keys Corporation, a company specializing in computer security consulting. She has been a Unix system administrator for almost 20 years on various platforms, and provides security consultation to several financial institutions in the New York City area.