From...

August 11, 1999
Web posted at: 12:22 p.m. EDT (1622 GMT)

by Ann Harrison

ALSO:

Message Board:     How do you define a hacker?     In-Depth Special:     Insurgency on the Internet    Sign up for the Computer Connection email service    For more computing stories

ALTLANDSBERG, GERMANY (IDG) -- CAMPnet, billed as the largest civilian open-air Internet network ever created, sprang to life last weekend when 1,800 European and American hackers gathered at the Chaos Computer Camp outside Berlin.

In a tent city, connected by a switched Gigabit Ethernet, hackers on holiday swapped security tools, ate waffles, viewed fire-eating demonstrations, discussed encryption politics and went for dips in the local lake. A camper who attempted to attack the network was subjected to local justice and found himself cleaning toilets.

MORE COMPUTING INTELLIGENCE
	IDG.net home page
Computerworld's home page
Computerworld Year 2000 resource center
Computerworld's online subscription center
Reviews & in-depth info at IDG.net
IDG.net's personal news page
Year 2000 World
Questions about computers? Let IDG.net's editors help you
Subscribe to IDG.net's free daily newsletter for IT leaders
Search IDG.net in 12 languages
News Radio
	Computerworld Minute
	Fusion audio primers

Constructed around a fable involving an alien spaceship which hailed a group of hackers and touched down for repairs to their damaged computers, the camp featured a sculpted spaceship and a "landing area" illuminated by ghostly neon pillars. Inside the 300-foot Hacktent, long tables held hundreds of PCs brought by participants to connect to CAMPnet, which supported 1,500 hosts and carried an aggregate Internet bandwidth of 20M bit/sec.

Lounging outside near one of the seventeen "data toilet" portapotties that housed the network routers, Andy Muller-Maguhn said the camp reflected a cultural movement concerned with data security, privacy and the free flow of information.

"It's one thing to be on a mailing list," said Muller-Maguhn, who serves as a spokesperson for the Berlin-based Chaos Computer Club (CCC) that created the event. "But sitting in a campground and having discussions all night gets people networked more closely together and helps develop solutions to problems we haven't even faced yet, while computer companies sell solutions to problems we wouldn't have without them."

The featured event Saturday night was the Linux Death Match, in which teams of network administrators tried to halt to one another's network services. The match was won by a team from Munich that chose not to attack, but instead fortified its machine with Free BSD tools.

Tobias, a programmer and software developer from Berlin who was watching the match, said he was impressed by the level of expertise. "It's pretty amazing to see the knowledge these people have, all these people sitting here in front of these machines will never have problem finding a job," Tobias said. "Everyone around here knows how useful it is to find vulnerabilities, and most of these people don't destroy systems, don't crack systems, they just look at them."

David Del Torto, director of technology for security services at Deloitte and Touche, taught a workshop entitled "Take This Job and Ping It/Hacking the Corporate Ladder for Fun and Profit." He said hackers were working at all the Big Five accounting and auditing firms -- where their skills are in high demand. "As long as you are not hacking the company you work for and destroying your reputation, you are going to have no problem getting jobs," Del Torto said.

Security flaws in commercial software and hardware were popular topics at camp workshops, which included discussions on "Biometric Insecurity" and the construction of Windows NT Shell Code for Buffer Overflow Exploits. The camp's re-engineering awards went to a group that developed a technique to alter the ID numbers on Global System for Mobile Communications cell phones and to another team that found a way to defeat a biometric fingerprint scanning system.

Despite their demonization in the press, hackers have traditionally distributed critical information about insecure products and used this information to search for better solutions, attendees said.

Hugh Daniels, a California resident who presented a workshop on the FreeS/WAN network encryption tool, pointed to the high rate of online credit card fraud. He said users should demand the creation of networks that cannot be stolen from and strong encryption to protect personal data. "I'm trying to build a civil society that holds up through mathematics, not guns," Daniels told the crowd.

Muller-Maguhn noted that unlike the U.S., which imposes export restrictions on strong encryption, Germany has politicians who listened to advice from the hacker community and chose not to impose similar controls. "People here are always thinking critically about fascism, so people want to drive the technology, not be driven by it," he said.

Dave Boyce, who works for an Internet service provider in Amsterdam, declared that the ultimate purpose of the camp was to create human and computer networks of activists to defend such policies. "It's important that crypto is free from government control so that we can exchange information, freely because ultimately your freedom starts with the exchange of information," said Boyce. "What we are doing here is creating frameworks for the freedom of information."