Sign In

Communications of the ACM

Letters to the Editor

Plenty More Hacker Motivations


Letters to the Editor

Credit: iStockPhoto.com

Exploring the malicious hacker problem, Zheng-chuan Xu et al.'s "Why Computer Talents Become Computer Hackers" (Apr. 2013) overlooked many motivations for computer talents becoming computer hackers, due, possibly, to cultural differences between China and the West, as suggested in the article, or just to the authors' limited findings, which were based on interviews with only six known computer hackers in Shanghai. Moreover, the article did not distinguish between hackers who ethically go to extremes of computing and malicious hackers willing to do harm to achieve their goals.

My own research at SRI International, 1971–1995, funded by the U.S. National Science Foundation, U.S. Department of Defense, and U.S. Department of Justice, involved interviews with more than 100 notorious malicious computer hackers in the U.S. and Western Europe. That work was documented in case studies in my books Crime by Computer (1976) and Fighting Computer Crime (1983), both published by Charles Scribner's Sons, Inc. Malicious hacking is still motivated in much the same way as it always has been, starting with phone phreaking in the 1960s.

One significant motivation the article clearly overlooked is that some young hackers are looking for shortcuts to a high-paying career in information technology without first undergoing a formal education. Such an irrational strategy typically concentrates on learning from manuals, the Web, personal experimentation, and experienced hackers, as noted in the article, believing that if they engage in sufficiently outrageous but brilliant conduct, with ends justifying means, as was done by some highly publicized malicious hackers before them, they will be noticed by their victims and hired at high pay to protect society from further harm.

My own interviews revealed many kinds of deviant behavior associated with ready access to the powerful, pervasive, vulnerable, fragile information technology at the heart of almost every organization's and user's operations, including negativism, delusions of grandeur, infantile ideals, grandiose, overt behavior, frequent regressions, compensatory mechanisms, peer pressure, fragile ego, irrationality, antisocial behavior, poor grooming and personal habits, unhealthy diet, use of alcohol and drugs, squalid living, disrespect for authority, deception, thievery and burglary, piracy, extortion, endangerment, misuse, abuse, negligence, sabotage, espionage, misrepresentation, intimidation, physical and mental violence, bullying as subject and object, autism, idiot-savantism, sibling rivalry, reaction to parental aberrations and broken homes, hero worship, sexual excess, attention deficit disorder, and more.

I agree with the findings in the article as far as they went, that "...hacker candidates encounter porous security, are tolerated by some academics, and are encouraged by like-minded individuals." They are also sometimes inadvertently encouraged by naive reformers at hacker conferences and by the early success of a few malicious hacker heroes (such as "Cap'n Crunch," "Fiber Optic," and Kevin Mitnick). These hacking mentors and others are described in my books, as well as in others, including Hackers, Heroes of the Computer Revolution by Steven Levy (Anchor Press/Doubleday, 1984), The Hacker Crackdown by Bruce Sterling (Bantam, 1992), and The Fugitive Game by Jonathan Littman (Little, Brown and Company, 1996).

Donn B. Parker, Los Altos, CA

Back to Top

Too Early for Verdict on MOOCs

Michael A. Cusumano's Viewpoint "Are the Costs of 'Free' Too High in Online Education?" (Apr. 2013) gave an essentially positive answer despite hedging with phrases like, "Maybe, but maybe not." It was clear from the context which side he is on, saying, for example, "The industries I follow closely are still struggling to recover from the impact of free." Comparing traditional institutions of higher learning with online courses is somewhat unfair, as it involves contrasting institutions that have undergone decades or even centuries of refinement with a new paradigm still in its infancy. Moreover, face-to-face interaction in a classroom is wonderful under ideal conditions, but universities in much of the world simply lack ideal conditions; for example, face-to-face interaction is unlikely when a disengaged professor teaches hundreds of students in a large lecture hall where those students have difficulty even seeing the professor or projected slides or reading the scribbles on the board and are often in uncomfortable seats or no seat at all in the case of overenrolled classes. Students sometimes forego courses they prefer in favor of available ones and might wait weeks before receiving feedback on homework submissions or exam papers because the professor is too busy or there are too few teaching assistants. Online courses have been successful in part because they can provide immediate feedback and facilitate peer-to-peer interaction, as well as flexibility and variety. Institutions of higher learning must adapt to this wonderful new resource, and not take a defensive stance, insisting on business as usual.

Behrooz Parhami, Santa Barbara, CA

Back to Top

What We Want from Computer Science

One way to address the question "Is computer science a science?" is to imagine having to translate it into another language. We would immediately confront two difficulties: "computer science" generally translates to something like "informatics," and, in other languages, the word "science" typically refers to any rigorous intel-lectual discipline, even in the humanities. The question then translates to "Is informatics a rigorous intellectual discipline?" where the answer is surely yes. But in his Viewpoint "The Science in Computer Science" (May 2013), Peter J. Denning clearly adopted the typical English speaker's view of science as abbreviating "natural science," something like physics or geology. The question then translates to "Is informatics like physics or geology?" and looks like nonsense. Making matters worse, Denning's focus on experimental science seemingly excluded topics like cosmology and evolutionary biology, where "reproducibility of results" is out of the question; nobody can repeat the big bang or the evolution of life on Earth. (Moreover, alchemists were fond of experimentation.) The quest to discover the science in computer science seems to rely on semantic questions. Does it really matter whether computer science is a form of engineering or instead an applied science? Does the existence of natural information processes make computer science more rigorous or significant?

I am sure the exercise involves legitimate goals that could be made clearer by asking specific questions; for example, does the subject use sound methods that deliver trustworthy results? (Economists should ask themselves this one.) Does computer science get the prestige/recognition/funding it deserves? How can we convey a clear understanding of it to the wider public? I suggest we focus on such specific, unambiguous questions and not get bogged down on the issue of what exactly counts as a science.

Lawrence C. Paulson, Cambridge, England

Back to Top

Author's Response

I listed seven criteria for a field to be considered a science in the common meaning: "a discipline that employs the scientific method." Computer science meets them all. Reproducibility is one, and indeed cosmology and evolutionary biology strive for results others can reproduce. The degree to which computer science integrates science, engineering, and mathematics affects answers to fundamental questions about methodology (How do we practice computer science?), pedagogy (How do we teach it?) and dissemination (How do we communicate it?). For more, check the ACM Ubiquity symposia on science (http://ubiquity.acm.org/symposia.cfm).

Peter J. Denning, Monterey, CA

Back to Top

Accessibility Out of the Box

We agree with Vinton G. Cerf's President's Letter "Why Is Accessibility So Hard?" (Nov. 2012) that computer science should be one field where accessibility is a given. Indeed, there is no technical reason accessibility should be impossible, and any lack of accessibility is likely due to non-technical reasons. People in and out of computer science should appreciate that accessibility is both necessary (people growing old is justification enough) and may also be a source of profit, as well as inspiration. Though an average programmer cannot anticipate all user needs, accessibility typically boils down to structuring the application logically rather than graphically, as in the structured Web pages of Cascading Style Sheets. Accounting for accessibility from the beginning of a development project is more likely to yield better, more maintainable software, a principle all programmers should learn.

Generic screen readers involve both advantages and weaknesses but permit access even to applications not designed to be accessible. However, such access does not always work as intended, especially with graphically designed applications, though scripting engines in screen readers make it possible to tune reader behavior; advanced users can write and share such scripts.

Multiple accessibility settings may be overwhelming for some users, despite their usefulness, in light of the diversity of user needs, but coping with them could constitute a completely new profession involving discussions with users and proposing and testing solutions in the search for optimal combinations.

Moreover, developing accessible substitutes for existing applications from scratch is not effective, as they are not sustainable over time due to lack of resources; we have seen several projects starve to death this way. Accessibility should be integrated into the entire user software stack, not just alongside it; accessibility would thus be sustainable, as with internationalization and security. When an API is available, users themselves would be able to write dedicated interfaces to access shared software. We have seen such arrangements work very well, though having users write their own code depends on making computer science education itself more accessible.

Finally, accessibility should be delivered out of the box, on all computers in the wild, waiting to be triggered, including their hardware, BIOS, boot-loader, and OS installer; for example, the Debian Linux installer includes a speech synthesizer that should be generalized to all operating systems.

Sébastien Hinderer, Nancy, France and Samuel Thibault, Bordeaux, France

Back to Top

Footnotes

Communications welcomes your opinion. To submit a Letter to the Editor, please limit yourself to 500 words or less, and send to [email protected].


©2013 ACM  0001-0782/13/07

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and full citation on the first page. Copyright for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or fee. Request permission to publish from [email protected] or fax (212) 869-0481.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2013 ACM, Inc.


 

No entries found