The next notable subtopic within the literature and generation within hacking’s evolution is dealt with in Hollinger & Lanza-Kaduce’s (1988) ‘The Process of Criminalisation – The Case of Computer Crime Laws’, in which they dichotomise Levy’s hacker ethics and newly developed cybercrime legislation. The ongoing criminalisation and pathologisation of hacking (both legal and reputational) is linked in with a fourth generation of hacker, both actual and imagined – the hacker/cracker. This generation, and the generations five through seven to follow, are typological extensions to Levy’s (1984) first three generations, and are outlined later in Jordan and Taylor (2004). These extensions, despite having a temporal or chronological dimension, are not seen as mutually exclusive – rather, they identify different ideological subgroups within hacking, and are immensely useful in terms of grasping the diversity and evolution of the practice.
This fourth generation embodies the illicit nature of the hack, and its members are largely defined by their intent to achieve unauthorised access to computers and networks. This unauthorised access can be in pursuit of personal gain or out of sheer destructive malignancy, but can also be driven by more benign motivations, such as curiosity, challenge, or a desire to reveal (and thus prompt the patching of) weaknesses in computing systems. This generation and the issues it generated will be discussed in more detail, but suffice to say, hacking was and continues to be of increasing concern to both the public, and governmental and corporate institutions. Hollinger and Lanza-Kaduce’s text surveys the new legislature and regulations being installed in an attempt to define and control the legal limits of the new computer environment, and the resulting effective criminalisation of hacking involving unauthorised computer entry (regardless of motive). Beyond this basic lack of consideration for intent, these laws were often incompletely thought out and ineffective for a number of reasons, a tendency elaborated upon in ensuing literature on the subject.
Further literature addresses hacking from this criminological/legal perspective, such as Johnson’s (1994) Crime, Abuse and Hacker Ethics and Loper’s (2001) thesis, The Criminology of Computer Hackers, with the disjunction between hacker ethics and legislation often central to the discussion. These texts are part of a larger subset of literature found within computer industry, business and military publications, which tends to disregard any discussion of motive, and often considers hacking as criminal by default. Some notable examples are: Adams (1996); Evers (1996); Furnell (1999); Hancock (1998); Neighly (2000); Onstad & Rose (1996); Richardson (1997) and Weisenburger (2001). This literature is of limited usefulness here, as it involves little discussion of the hackers or hacking themselves, and focuses rather exclusively on potential preventative and protective measures to be taken against them and their actions.
3.1.4.1 The media and the beginning of the myth of the ‘electronic bogeyman’
Hollinger & Lanza-Kaduce (1988) are also important in that they note the importance of the news media in the criminalisation process - specifically, the way in which their sensationalistic coverage of hacking fuels public concern and has often prompted new legislation and amendments to pre-existing legislature. This ‘electronic bogeyman’ (Smith 2001: 66)4 phenomenon is of central importance throughout the literature to be discussed; hence, this early recognition of the trend is notable. It had been acknowledged in some of the earlier populist texts, such as Hafner & Markoff (1991), but this was arguably the first academic identification of the phenomenon and is therefore significant, despite its lack of empirical evidence. Amanda Chandler’s (1996) essay, ‘The Changing Definition and Image of Hackers in Popular Discourse’ continues in this theme, discussing the mass-mediated images of hackers in the U.S.A. and Britain. Chandler acknowledges the contested definitional nature of the hack, and drawing on Levy’s (1984) first three generations and the work of Hafner & Markoff (1991) and Clough & Mungo (1992), explicitly recognises the fourth generation, who “appropriated the word ‘hacker’ and with help from the press, used it to define themselves as password pirates and electronic burglars. With that, the public perceptions of hackers changed. Hackers were no longer seen as explorers, but as malicious intruders” (Hafner & Markoff 1991: 11). The emergence of computer viruses and worms and their usage by hackers in the Eighties had further entrenched this actual and perceptual paradigm shift. Chandler identifies five categories of image as prevalent in the mass-mediated representation
4 “[E]lectronic bogeyman: a hacker, instrument of a hacker, or anonymous source portrayed in the
mainstream media as a menace to society.” (ibid.. in main text) Smith’s text is a chapter entitled 'Upon Hearing of the Electronic Bogeyman', in You Are Being Lied To: The Disinformation
Guide to Media Distortion, Historical Whitewashes and Cultural Myths (2001). It is a biting
criticism of the perceived idiocy of the mass media and governmental and military officials with regards to hacking, citing numerous examples of endless recycling of incorrect information, including several April Fool’s day hoaxes that ended up in military reports. While amusing reading, it is more an opinion piece than an academic text, and as such, will not be reviewed further.
of hackers; ‘Cowboys and the Electronic Frontier’, ‘Intellectual Joyriders’, ‘Hackers/Murderers’, ‘Mad Hackers, and ‘Spies’.
Concerning the images of hackers as cowboys on the electronic frontier, Chandler cites a number of news media sources and the Electronic Frontier Foundation (‘EFF’) as representative of a wider impression of hackers as heroic, mythical individuals exploring the uncharted geography of cyberspace. Their adherence to an individual code of conduct and disregard for or circumvention of computer crime legislation is also identified as parallel to the frontier ethos of the Western United States compared to the Eastern States during the ‘winning of the West’. Chandler rationally posits that this image is one “for which the Americans have a sneaky admiration” (1996: 236), as is evidenced by its prevalence in American advertising and marketing.
Hackers are also linked to the ‘folk devil’ of the joyrider – “youngsters in stolen high-performance cars” (ibid.: 237). This association is based upon a similarity with the tendency for hackers to be young males, and to the antisocial, potentially dangerous, yet exciting nature of the practice. These connections with antisocialism and menace are extended upon by the murderous images of hackers, constructed by the news media’s tendency to focus on their potential to cause fatalities – the “standard nightmare scenario” (Sterling 1993: 40) - and films such as Die Hard 2: Die Harder and War Games, in which hackers knowingly or unknowingly interfere with air traffic and nuclear weapons systems. This trend continues today, with Die Hard 4.0: Live Free or Die Hard revisiting the theme, and the evil robots known as ‘Decepticons’ in Transformers and Transformers 2: Revenge of the Fallen engaging in malicious hacking activity, not to mention the almost weekly news articles warning of impending doom via cyberwar. The pathological nature of hacking terminology (e.g. viruses, worms) also continues to embellish these images of lethality.
‘Mad Hacker’ images construct hackers as individuals beset by a pathological addiction or compulsion; so obsessed with computers that they are unable to take care of themselves, shy away from social interactions, and have trouble differentiating reality and fiction. Allusions to sexual voyeurism and masturbation
Despite Computer Dependency, the 1989 study by Shotton, finding that only a very small number of computer users were dependant and that this was not necessarily a bad thing for either them or civil society, this image set was widespread, with Charlesworth’s (1993) ‘Addiction and Hacking’ providing a unconvincing legal perspective on the concept. Indeed, it continues to have significance in the modern discourse on hacking, as part of a wider and growing concern over ‘Internet addiction’ that pathologises the Internet in general, as well as hacking specifically. Chandler’s (1996) last image group of hackers as spies also resonates with the discourse on cyberespionage and cyberterrorism evident today (which will be further discussed shortly).
Overall, Chandler found the images to be uniformly negative in nature, although those presented in the U.S.A. were found to be slightly less negative overall, due to the tempering effect of the American-friendly cowboy and frontier images. There is no doubt that the negative representational trend identified by Chandler was and continues to be an actuality, and her selection of qualitative evidence is varied and compelling.
The same year also saw the publication of Duff & Gardiner’s (1996) article, ‘Computer Crime in the Global Village: Strategies for Control and Regulation - In Defense of the Hacker’. Noteworthy for their simultaneously ‘pro-hacking’ yet legal viewpoint, they make a legal assessment of hacking that recognises the importance of motive in the criminalisation process. They differentiate between the “clever/curious” and the “malicious/devious” (1996: 218), and acknowledge that the legal response in Britain and the U.S.A. had not yet made this distinction, nor had British or American state legislature distinguished between entry to a computer system and actual damage done. They also acknowledge the change in meaning of ‘hacker’, and the media’s role in this process: “Hacking has become a term loved by the media who have both mythologised and demonized the hacker” (ibid.: 215), and the link with the increasing control of public space and privatization of knowledge. Their rebuttal of the arguments for criminalisation hinges upon the notions of deterrence and retribution. They address the problematic issues of detection and enforcement, and the fact that this combination of unlikely punishment and elevation of mystique may actually promote further hacking. The actual moral
status of the practice is also seen as far from clear, as ‘curious’ hacking may actually further security measures through the identification of system flaws, and posit that the data owner should be responsible for ensuring that system security is at least adequate.
Theirs is, indeed, a refreshing change from the usual legal perspective, and they raise some valid points, but their text suffers from a sometimes uncomfortably self- conscious use of ‘cyberjargon’, and one gets the sense that they themselves are less than immune to the glow of hacker mythology. As Vegh neatly summarises, “their essay is rather a journey of two law school professors into the digital underground, given their superficial understanding of hackers and cyberpunks… and their falling into the same trap of sensationalizing what they otherwise rightfully acknowledge the media are doing” (2003: 224-5).
3.1.5 Generations five and six: The Microserfs and the free/libre and