An exploration into the quasiunderworld of computerdom 

   ERIK LACITIS
   Seattle Times staff columnist 

   Around  1986,  when he was a junior at Bellevue High School, Jeff Moss
   was  introduced by friends to the world of dumpster diving. Back then,
   Moss  was  known  as  Jeff Moss, not as the Dark Tangent, today one of
   cyber space's best known hackers, that group of people whose passion is
   delving into computer systems.

   Today's  piece  is  the  first of a periodic look at hacker culture, a
   world that I've been exploring of late. Our most private records these
   days - medical, financial - are stored on a computer disk.

   The problem is that in cyberspace, privacy is just another seven letter
   word.  At  their  most  innocent, hackers simply want to fulfill their
   curiosity. At the criminal end, they steal and sabotage.

   Well,  of  course,  you  could  say  that it's kind of ironic that the
   intense, restless Dark Tangent resides in Seattle.

   Puget  Sound  is  the  headquarters  of  Microsoft and Bill Gates, the
   corporation  and  the intense, restless man who seem to be featured on
   every other cover of Fortune magazine. They are rich and powerful.

   Moss,  27,  isn't  rich - he is, as a matter of fact, struggling to make
   ends  meet  and  looking  for  a  job  that  has  something to do with
   computers - but he does wield a certain amount of power.

   The  weekend  of July 11 in Las Vegas, Moss will be staging Def Con
   V,  the  most publicized  of hacker conferences. He openly invites law
   enforcement  types  to  mingle  with  an  audience  that has been half
   jokingly said to include many people under indictment. On stage at Def
   Con, the wiry Moss will be moving the show along.

   It  makes  for  interesting interaction, with the law enforcement types
   getting "I am the Fed" T-shirts and those who point them out getting "I
   spotted the Fed" T-shirts.

   Def Con comes from the Army term for "defense readiness condition." In
   the hacker world, you choose names because they sound cool, like "Dark
   Tangent," for example. Moss remembered a science fiction comic book he
   had  liked  in  junior  high,  although  it actually was called "D'Arc
   Tangent."

   Moss represents the more innocent side of hacking, the one in which as
   a  kid he discovered the world of dumpster diving. Moss and some other
   computer  type  students would drive to the headquarters of Egghead
   Software or maybe a Microsoft production facility.

   It  wasn't  hard  to  sneak  around the outside security cameras, Moss
   said, and then crawl into a trash bin.

   "You'd  root  around  the Happy Meals, and it could be very lucrative.
   You  could  find  all types of toys," he said. Back then, floppy disks
   were  expensive,  and the students would find piles of them thrown out
   when Microsoft was upgrading a product.

   One  of  his  buddies,  Moss  said,  collected 15,000 to 20,000 disks.
   Sometimes  the  kids  would find coprocessors that had been thrown out
   because the connecting pins were bent. Moss unbent them and had usable
   equipment.

   The  son  of a professor in medicine, Moss was using a computer by the
   sixth  grade.  His  family  lived in Piedmont, the affluent California
   enclave  next to Oakland. At that time, in the early 1980s, before the
   Internet  revolution  had taken place, electronic bulletin boards were
   the rage.

   "It  introduced me to an online community that shared information that
   was  not  mainstream,"  he  said. "They might be talking about growing
   pot, or where people could get free cable TV descramblers."

   In 1984 his family moved here, and at the welcoming party for his dad,
   Moss  ran into another computer kid, who just happened to have a spare
   300 baud  acoustic  coupler.  That's  laughable  technology  by today's
   standards,  in  which  computer  power  and  speed  quickly double and
   quadruple.  But  it was enough for Moss to start logging on to Seattle
   bulletin boards.

   By  his senior year in high school, Dark Tangent had appeared in cyber
   space,  and  Moss  was  running  his  own bulletin board, Dark Tangent
   System.  By then, Moss had taken computer classes at the University of
   Washington and was writing programs and doing stuff.

   Stuff.

   "Yeah,  we  used  to  do 'stuff,'" he remembered. Moss doesn't really
   like  to  talk much about the stuff he did with computers. "Back then,
   there  was  no  law  against  you  doing  this  stuff.  Now, there are
   mandatory sentencing guidelines," he said.

   He doesn't do "stuff" anymore, he said. Why bother? He has his own Web
   site  (http://www.defcon.org)  and he has friends who have computer
   networks.  He  can  play  around  all  he  wants in cyberspace without
   breaking a law.

   Thrill is getting information

   In researching this story, though, I did talk with younger hackers for
   whom the thrill still is in surreptitiously getting information.

   I  located  them  by  using  an  Internet  search engine that isolated
   postings   that   somehow   mentioned   Seattle   on  newsgroups  such
   alt.hacker, alt.cyberspace.rebels, and alt.cyberpunk.tech.

   One  such  hacker  was  a  University  of  Washington student. Since I
   started this story on the theme of irony, it's interesting to note his
   major:  criminal  justice.  At  least he'll know what to do if he ever
   gets in trouble, the hacker said.

   He  showed me some of his toys, such as the Tranz 380 credit card read
   out  slide  machine whose code he's trying to break. But, mostly, this
   hacker  had  branched out into phone "phreaking" - the cell phone that
   is  programmed  to  use somebody else's account the Radio Shack Pocket
   Tone Dialer that in 1993 earned him a few hundred bucks.

   The  tone  dialer actually was sold to store phone numbers. You simply
   held  the  apparatus against the mouth piece of a phone and pressed the
   appropriate memory button.

   Hackers  figured  out  that  by replacing a crystal in the dialer they
   could  change  the  tones. In pay phones, it used to be that dropping,
   say,  a  quarter,  caused  a specific tone to be emitted. The crystals
   mimicked those tones. Free phone calls!

   The  22 year old said he approached foreign students at the UW. and told
   them  that  for  $10  they could phone relatives back home and talk as
   long as they wanted.

   "Word got around to look for me in front of the HUB (the student union
   building),  the  guy who always wears the black cap," the hacker said.
   (Phone  companies have since made a change so the pocket dialers can't
   fool newer style pay phones.)

   I asked the hacker if he had any, you know, moral misgivings.

   "I don't target individuals. It's corporations," he said. "To me, it's
   kind  of  payback against the big companies that rip people off. I see
   my parents working hard, and they skill come up a little short because
   the big companies are always raising their rates."

   Sometimes high school hackers are caught and prosecuted. But, in truth,
   law enforcement  officials  will  tell  you they have much, much bigger
   targets,  like the employee stealing company secrets or sabotaging the
   computer network.

   For  many  computer  users,  hackers are a vague but mostly unrealized
   threat.  But  in  one  federally  sponsored  survey,  six out 10 major
   corporations  responded  that  they were bothered in the prior year by
   hacker who caused million of dollars in damage.

   I  suppose illicitness is a matter of degree. The young hackers who go
   into the CIA or Department of Defense Web site and alter it so that
   suddenly Playboy magazine appears are not quite the same as industrial
   spies.

   Computers: a way to get around

   "If  you're  a  high  schooler,  maybe  you can't afford a car, and so
   you're  stuck in your house," Moss said, remembering those days in his
   life.

   "But with a computer you suddenly can be transported to a whole lot of
   places,  where  you're not judged by what kind of cool car you have or
   what you look like.

   You  get  respect for knowledge. If you can do something that somebody
   else hasn't done, you get bragging rights."

   After graduating from Bellevue High in 1988, Moss earned a bachelor of
   arts  degree  at  Gonzaga  University,  then began studying law at the
   University of Dayton. Studying law bored him.

   "I  found myself reading computer journals more than law journals. Law
   is  the  art of what can get done, not what's right," he said. After a
   couple  of  years,  Moss  dropped out, worked for a company that makes
   games then started a Web hosting company.

   By  then,  he  had already organized two Def Con conferences. The idea
   for  the  first  Def  Con began when Moss was talking to another young
   hacker  who wanted to hold a party thanking people who had belonged to
   a computer network he had run. That evolved into a mass posting on the
   Internet,  announcing Def Con I. Since that first gathering of hackers
   in 1993, all the Def Cons have been held in Las Vegas. At least if the
   conference  was a bust, Moss figured, those attending would have other
   memories.

   There  are  other  gatherings  of  hackers, but none with such an open
   invitation.   Moss  decided  to  invite  as  speakers  everybody  from
   prosecutors to encryption specialists. The first year, 110 people paid
   to  attend;  the  next year it was 350, then 550. Last year, more than
   800 hackers paid the $40 fee.

   That  doesn't  earn Moss much money, just enough, he said, to buy more
   computer  hardware.  He  has not cashed in on his fame in the computer
   world. Other hackers now sell expensive anti-hacking software and anti
   hacking  seminars  to corporations, but Moss hasn't made the marketing
   leap.

   "What's the saying? If you're in your 20s and sell out, you're a fool.
   And  if  you're  in  your 30s and don't sell out, you're a fool," Moss
   said. He has three more years before hitting that magic Three-O.

   I asked Moss if he thought Dark Tangent could have a good conversation
   with Bill Gates.

   "We'd  have  a great talk," Moss said. "I'd start talking to him about
   the  olden  days,  when  the  world  was  like  an  oyster  and he was
   unwrapping  all this great new technology. I guess we'd talk about how
   he  missed  the  Internet  thing.  I  don't  think  it was a conscious
   decision  on  his  part.  It  was  corporate  inertia. He was probably
   insulated  at  that  point and didn't at first get the significance of
   it."  his part. It was corporate inertia. He was probably insulated at
   that point and didn't at first get the significance of it."

   Gates might find irony in Moss' tale of how even Dark Tangent has been
   a target of hackers.

   "Computer  security is like trying to prove the negative. Maybe you've
   never  been  broken  into because of excellent security. Or maybe it's
   because no one's yet tried," Moss said. "But everybody's vulnerable."

   Being hacked by a hacker

   Moss  said  that  his  email  as  Dark Tangent is being monitored by a
   hacker and that he assumes the email could be tampered with.

   Everybody's vulnerable.

   Moss  and  I talked lots more about how everybody's vulnerable in this
   new cyberspace world. It goes far beyond doctoring e-mail, and many of
   you reading this have stories you could tell. The ways you can contact
   me are listed at the end of this story.

   You  know  it's  not  Dark Tangent we have to worry about. It could be
   that real quiet fellow employee who always looks angry about something
   and just keeps typing on his computer.

   Watch out, if he ever decides to press the "execute" button.

   Erik Lacitis' column runs Sunday, Tuesday and Friday. His phone number
   is 206.464.2237 His email address is: elacnew@seatimes.com

   The Seattle Times
   March 9, 1997
     _________________________________________________________________

   Tips from Jeff Moss, a.k.a. Dark Tangent' on making your computer more
   secure.

   General

     * Apply  the  latest  service  patches  to your operating system and
       programs.    For    example,    on    the   Microsoft   Web   site
       (http.//www.microsoft.com)  you  can  download service packs to
       fix  bugs  in  Windows  95. Periodically check the Web sites and
       apply those fixes.

     * Have  a  regular backup schedule in which you back up all critical
       data. That way, when your machine explodes, you'll have everything
       you need to start a new system.

     * Treat  email  as you would treat a postcard, meaning that can read
       it.

     * Consider  encrypting  important data, using the PGP encryption
       program  that's  available  free  on the Internet (a search of the
       term  PGP)  should  lead to a site from which you can download
       the

     * Each  time  you  download  a new program from the Internet, run an
       antivirus or macro software program.

   Businesses

     * Consider  "air walling"  your  corporate network, so that computers
       linked  to the Internet are not connected to computers linked with
       corporate networks.

     * Filter Java and ActiveX, the two computer languages that allow Web
       sites  to  remotely  execute  programs  on  your Web browser. This
       prevents  any  of  your  employees  from accidentally triggering a
       hostile program that is coming in from the Web.

   Individuals

     * On  Windows  95,  turn,  "print" and "file sharing" to prevent any
       chance of remote snooping when you're on the Internet.

     * Pay  attention  to  all  warning boxes that pop up as you use your
       browser.  Read them and make an informed decision. Even though you
       see those boxes frequently and it's easy to ignore them, sooner or
       later the warnings will be about something that will cause damage.

                                                        The Seattle Times
                                                            March 9, 1997