Jordan & Taylor’s sociological analysis of hacking communities addresses demographics, cultural aspects and external factors. No real demographic conclusions are drawn because of the confounding factors of anonymity, sample self-selection, and reticence founded on fears of prosecution. The data from the three surveys examined in an attempt to judge the size of the hacking community is inconclusive due to variable sample sizes, statistical methods and results. However, six cultural factors are extracted from the interviews with hackers, and hypothesised as providing internal community cohesion through collective identity negotiation. These factors are summarised below:
1) Technology: Hackers share an easy, innovative relationship with all technology, not just computers. True hackers hack anything and everything.
2) Secrecy: Hackers have an ambivalent relationship with secrecy. They keep their actions secret from authority but visible to their peers, in order to share information and garner recognition or kudos for their feats.
3) Anonymity: This factor is linked to secrecy, in that offline identities are kept secret while an online persona is actively constructed.
4) Membership Fluidity: Hacker communities are informal networks with high member turnover. This is due to the organic reasons of growing out of hacking and the massive commitment needed to remain ‘up to date’ in such a dynamically changing environment, but also because it makes detection and prosecution much more difficult.
5) Male Dominance: Little evidence of female hackers was found. This is linked to the fact that computer science is generally male dominated, through childhood socialisation factors and a masculine learning environment. The macho competitiveness of hacking and possibility of online misogyny fuelled by anonymity are also faulted, but no evidence provided sufficiently explains this gender anomaly.
6) Motivations: The motivations uncovered by Jordan and Taylor through their interviews were feelings of addiction and compulsion; curiosity; being online as an act of escapism from a boring offline existence; feelings of power; the desire for peer recognition and acceptance, and an altruistic desire to improve network security.
Several of these findings were corroborated by observations made at Kiwicon 2007 and through communication with attendees. There were very few women attendees at the conference, and many of them appeared to be the partners or friends of male hackers involved in organising the conference, and were helping out with administrative tasks such as staffing the door, and distributing tickets, programmes and lanyards. Out of the 16 presenters, none were women, and the Kiwicon organising team was self-described (albeit self-deprecatingly, in reference to a communication breakdown) as “a group of dudes” (Metlstorm 2007a). There was no obvious misogyny demonstrated, but a strong sense of aggressive competitiveness was present, with much heckling of presenters who botched aspects of their live demos, and even instances of audience members hacking into the live demos presenters were projecting onto the conference screen, and posting messages referring to the presenter being ‘pwned’ (hacker slang for taking control
behaviour was light-hearted rather than truly malicious, but it did certainly fit the usual socially constructed notions of ‘macho’ as opposed to ‘feminine’ behaviour. With regards to having an easy, innovative relationship with technology, Metlstorm’s previously reproduced statement described hacking as:
…an expression of curiosity and a desire to understand the operation of complex systems, in the same category as other enthusiasts.
(Metlstorm 2007a)
This speaks to a wider engagement with complex systems (or technology) of multiple types, and clearly, all who presented demonstrated extremely advanced programming proficiency and knowledge of computing systems. Those spoken to identified a range of motivations behind their hacking, corroborating all those described by Jordan and Taylor, with the notable exception of ‘feelings of addiction or compulsion’, with many adding that another primary motivation for them was to get or keep/do a job (as a compsec professional).
Jordan and Taylor’s third portal into the hacking community examines the manner in which they maintain their external boundary. This is done through an act of constitutive exclusion - an ‘us vs. them’ mentality that is maintained through their relationship with the computer security (compsec) industry. Given the significant cross-over evidenced in the New Zealand hacker community (or at least that portion of it attending Kiwicon), it is unclear how relevant or accurate this information is – perhaps it is just that it is slightly dated and from a different context – but the issues raised over online-offline crime analogies are worth mentioning. In Jordan and Taylor’s interviews, the hackers are variously described by the compsec professionals interviewed as ‘stupid kids’, ‘vermin’, and ‘vandals’; similarly, the hackers collectively described the compsec industry as being comprised of arrogant control freaks on a power trip (ibid.: 770).
However, it was acknowledged that some crossover occurred, with some hackers ending up working for the CSI and others involved in security testing, as previously outlined. The tendency for the compsec industry to draw analogies with physical crimes such as theft and breaking and entering, and the disfunctionality Jordan and Taylor identify within these analogies is significant, as physical crime analogies have been and still are consistently utilised in anti-hacking rhetoric and cybercrime legislation. As Jordan & Taylor explain, likening data theft to physical theft is flawed in that taking a digital artefact does not diminish the existence of the original copy, and breaking and entering or trespass as offline equivalences to hacking are also problematic, in that hackers frequently cause no damage, and sometimes even help the victim to identify a security flaw.
In summation, they define Levy’s (1984) hacker ethic as an articulation of “the complex construction of a collective identity” (Jordan & Taylor 1998: 775). Despite their exclusive reliance upon the self-articulated reflections of hackers on hacking (hardly objective sources), their conclusions are valuable, especially given the ‘imagined community’ thrust of their argument. They mark the beginning of an impressive chain of literature from the duo, which makes significant headway into a sociological understanding of hacking.
Tim Jordan’s (1999) Cyberpower does not focus exclusively on hackers, but on the wider subject of its title. Cyberpower is defined as “the patterns of social relations that create systems of domination, whose articulation in cyberspace fuels an even more dominant elite” (1999: 141). However, a brief discussion of hacking is undertaken. In Jordan’s opinion, hackers can be “some of the most powerful inhabitants of cyberspace”, despite many not having access to the latest and best in computing resources (ibid.: 90). He acknowledges that cost and access can be problems, but can also be “radically overestimated, particularly within developed countries” (ibid.). Expertise is seen as more of a barrier than cost, and hackers defined by being willing to put in the time and effort necessary to enable their equipment to take control of more powerful machines. The fact that hacking rarely requires a great deal of audiovisual computing resources, and the inexpensiveness
of satisfactory second-hand computers6 are given as further reasons for the comparative irrelevance of possessing the latest tools.
There are numerous examples of hackers using astonishingly outdated equipment to control the most powerful resources of cyberspace … Hackers demonstrate the extreme end of the technopower elite, where material resources are close to zero, though never actually zero, and expertise is monumental.
(Jordan 1999: 139)
This point has been re-verified recently; the so-called ‘Pentagon hacker’, Gary McKinnon, committed what one prosecutor has called “the biggest military hack of all time” with a dial-up modem (Boyd, 2008), and although this status is debatable (Ruffin 2009a), McKinnon penetrated several supposedly secure military networks with what is generally regarded as outdated equipment. Jordan’s observations are useful for tentatively situating hacking within wider patterns of socio-economic privilege, although he fails to really address the idea that hacking ‘know-how’ is stratified along similarly socio-economic lines.
Paul Taylor expands upon the sociological analysis of Jordan & Taylor (1998) with his (1999) volume, Hackers: Crime in the Digital Sublime. Similarly, this text relies heavily upon interviews conducted by the author with Dutch hackers, and is packed with quotes from interview transcripts. Taylor organises these in such a way as to support his main points, which are largely an extension of the hacker sociology he and Jordan previously proposed. The book is a rich source of insights into the hacking psyche, and a fascinating, accessible read that is likely to be enjoyed by the public and academia alike.
6 This is seen as largely a result of Moore’s law holding more or less true (Manners 1996, and
Rafferty & Tran 1996, in Jordan 1999: 91): it states that processing power will double every eighteen months, which means that every eighteen months computer prices should accordingly have dropped by half, or that double the processing power should be available for the same price. Therefore, second-hand computers are cheap.
Taylor re-acknowledges the contestability and gradual criminalisation of the term, noting its currently accepted meaning as related to “the unauthorised access to and subsequent use of other people’s computer systems” (1999: xi). He sees this as a result of “hyperbolic misrepresentation” (ibid.: xii) in the media, which is bound to the information revolution. As a society struggling to cope with the instability and generational discrepancies generated by rapid technical change and a world viewed in increasingly informational terms, hackers “serve to remind us of our technical vulnerability/ignorance” (ibid.: 1), with otherwise powerful groups particularly susceptible to fears that “their own apparent strength and superiority may prove to be an Achilles heel” (ibid., p. 8).7 However, it is also acknowledged that hackers have a tendency to play up this mystification with their penchant for threatening pseudonyms and group monikers; e.g. The Legion of Doom, Bad Ass Motherfuckers, Toxic Shock, etc. (ibid.: 6). This tendency has been confirmed in this authors’ own interactions with hackers – Metlstorm, Bogan and Headhntr were some of the typically hard-edged hacker ‘handles’ in evidence at Kiwicon, amongst many others.
Taylor again refers back to Levy (1984) and Turkle (1984) for their characterisations of the hack and hacker ethics, and proposes a further two generations, or ‘second wave’ be added to those of Levy (1984) – the previously mentioned hacker/crackers and Microserfs (who he names after Douglas Coupland’s eponymous novel). As Taylor acknowledges, these generations are not discrete, but they are, nonetheless, a useful means of categorisation. This proposed categorisation is reformulated in ‘Hackers: Microserfs or Cyberpunks?’ (Taylor, 2000), with the author drawing upon fictional representations of hackers to bifurcate the fifth generation into “the empty regimented capitalism” of ‘Microserfs’ and the “anarchic individualism” of ‘Cyberpunks’8 (2000: 55) – a differentiation later
7 An amusing example of this is given by Taylor (2000). In 1983, Robert Morris Senior, then Chief
Scientist at the U.S. National Computer Security Centre, is on record as stating that “[t]he notion that we are raising a generation of children so technically sophisticated that they can outwit the best efforts of the security specialists of America’s largest corporations and military is utter nonsense. I wish it were true. That would bode well for the technological future of the country” (Lundell 1989: 11, in Taylor 2000: 42). Five years later, his son, Robert Morris Junior created and unwittingly unleashed ‘The Internet Worm’, one of the first self-propagating computer viruses, which caused widespread destruction in large sections of the Internet and damages variously estimated at multiple millions of dollars.
abandoned. The erosion of the original, anti-authoritarian hacker ethic into ‘Microserfdom’ is seen to result from hackers’ interest in the intellectual thrills of hacking as an end in itself subsuming their interest in hacking as a means of political expression (Taylor 2001: 489).
Taylor (1999) reiterates the cultural aspects he sees as integral to the internal self- definition of hacking communities, adding youth to the list and providing a more thorough examination of hackers’ overwhelming masculinity, though again acknowledging that socio-cultural and psychological factors still fall short of a comprehensive explanation (ibid.: 26-42). The reassessment of hacker motivations retains some of those given in Jordan & Taylor (1998), and two new motivations are also introduced: boredom with the formal computing education system, and political acts.