“The Land of Make Believe” In recent years, playing pretend has become pretty popular. Security through obscurity has more or less forced itself upon us as the accepted norm, and people everywhere must now turn a blind eye to virtually every problem they encounter. Don’t believe me? Numerous cases have come to pass of people warning others about security holes, only to find themselves arrested or threatened with litigation by a company that didn’t want the “negative exposure.” On top of that, we’ve all heard about the computer hackers that report a vulnerability, most recently involving wireless networks, and wind up being threatened by the company for gaining access! Apparently to them, the only suitable way to know that a network is vulnerable is if you’re psychic and never go anywhere near it. Your choices are simple; either stay silent, or warn the company and face punishment for trying to be a good Samaritan. Not only that, undoubtedly a number of hackers around the world will label you a “blackhat” or “cracker”, or whatever other word they can come up with. Full disclosure, to sources such as 2600, Phrack, or Bugtraq are the best way to ensure you keep your anonymity, and let the world have the information. But for the purposes of this introduction, that’s getting a bit off track. The concept of remaining silent, however, is completely appropriate. The world of 2003 is one where weaknesses abound, but this intro is not intended to argue the rights and wrongs of utilizing or exploiting these weaknesses. Instead, it’s meant to merely point out the realities we now face, and hopefully bring them to the foreground so they can receive the attention they deserve. We’ve all seen them, after all, in one form or another. And in this “post 9/11” country (terrorism happens all over the world, don’t assume its anything new for everyone else), staying quiet and pretending something doesn’t exist is the only “acceptable” way to behave. The wireless network we have to pretend we can’t get into, the connections on a cable modem LAN we must pretend we can’t sniff. The movies we want to see, and how we need to go to the theaters to see them, or wait for the DVD. The cellular/portable phone calls we make believe we can’t listen to. The “members only” content we act as though we can’t obtain through other means. All of these things are examples of playing pretend. Each one can be accomplished easily with a little technological know-how, or nothing more than a simple internet connection. But acknowledging these things is something businesses don’t want to see happen. Just imagine what would happen if cable modem ISP’s were required to tell their customers outright that anyone can sniff their connection at anytime? How many people would see cable as a viable alternative? The numbers would certainly decrease, so from a capitalistic standpoint, staying quiet is the best way to go. The same applies to cellular phones, portable phones, wireless networks, and everything else mentioned above. Most notably today is the access to music and movies that the internet provides. Filesharing has provided people with a way to see what they’re buying before they pay for it, something more or less unique to the entertainment industry. Odds are if you buy a stove you know what it does, and if you don’t like it, you get your money back. With music and movies, you need to pay to find out whether or not something is total crap. This protects the billionaires, but the consumer gets left out in the cold. But as I mentioned, that’s now changing. Through KaZaA people can be exposed to music they never would have heard before, find out what they like by hearing the true, unedited versions of songs, and see movies to decide whether or not they should get the DVD. But of course, that’s not the popular way to think. Rarely will a radio DJ mention “filesharing” without tossing in the word piracy, and seldom (if ever) would a television show make mention of the fact that its possible to even download a movie. I say seldom, because I have heard jokes referring to downloading films on shows like “Tough Crowd With Collin Quinn,” so not everyone is scared to bring it up. Still, we’re taught that its best to stay silent about it. Silence, as well as restriction, is the antithesis of the internet. Regardless of what you may hear in school, the internet is there for information sharing. Networks were created to share information between computer systems, and with the internet, this has become possible all over the world. So while television and radio may more or less stay silent, the internet allows us to see what’s really out there. Everything that people should never mention in real life comes to life on the net, from freeflowing information to alternative lifestyles. The true underbelly of humanity can be revealed through the anonymous nature of the net, and speech can truly be free. Naturally however, this is not to say that all speech is free online, quite the contrary. Warn people about a vulnerability, and like I’ve already pointed out, you could wind up in jail. What the internet allows is a way to see truth, to see through the corporate haze that has been pumped into the eyes and ears of Americans for years. Madonna and Missy Elliot dance in a Gap commercial, singing about how “everybody comes to Hollywood,” so they can put the image of coolness into the very susceptible brains of America’s youth. Kids see this, and figure the Gap is the place to be, and oh yeah, Madonna and Missy are pretty cool. That’s all well and good, and I don’t mean to sound like the Gap is an evil empire out to destroy youth, but suppose you started a site that showed how these artists actually want their fans in prison for downloading songs? What would happen? First would come a warning, you libeling them, and probably can’t even use their names because those are copy protected. Next would come litigation, threats of lawsuits that would most likely force you to shut the site down. And for what? For expressing a particular point of view? Sorry, you have to make believe those people don’t want you behind bars. So what does a Gap commercial have to do with all this talk of playing pretend? Ads, as well as business, are generally protected from things like laws. Now this is not always the case, as we all saw with Enron, but generally if you’re just trying to make money people will go easy on you. Consumer protection is not what it used to be, but I suppose an example is in order. Pop-ups. You Windows users have probably experienced a new trend in pop-ups, these of course being the ones that utilize that oh-so-fun “net send” command that can be utilized through a command prompt, or WinPopup. These ads usually come from www.endads.com, and explain how you can stop the ads by buying their software. Blackmail? Sounds like it, but good luck actually getting someone to go after them. As is usually the case in business, “technically” they’re not breaking the law. But let’s imagine a new situation, imagine DoS’ing www.endads.com and then emailing them an offer to stop. “You can stop this kind of attack now! Visit our site to find out how!” You guessed it, you’re guilty and they’ll come after you. Attacking consumers is one thing, going after a business is another. So what is one to do? You guessed it, play pretend. Pretend you can’t knock them off the net, pretend you can’t stop their actions on your own, just sit there and take it. There’s nothing keeping me from getting something from a members only site for free, nothing preventing me from getting a free copy of a movie, and nothing stopping me from looking at every single packet that goes through my LAN. Yet, I still have to pretend as though these things don’t exist. When you walk into a store, you know that if you don’t pay for something you’re not only denying the store the price of the item, you’re also running the risk of getting caught. But online, getting a file that’s supposed to cost you something for free is simple, and doesn’t deprive anyone of anything. Sure, technically you’re supposed to pay, but why? Just because? If the phone company is making billions in profit, do my free calls really hurt them? I made it clear I wouldn’t get into the rights and wrongs, so I’m not going to give any personal opinions on these matters. They’re here for you to think about, regardless of how you may feel. I’m sure some feel I’m encouraging crime, and nothing I say will make them feel different. All I ask is that you consider what I’ve said, think about how the world can no longer address certain problems, and has resorted to denying they even exist. There are a lot of things that are possible on the internet, but unfortunately I don’t know any of them. - Screamer Chaotix