Ethical Hacking
Essay Preview: Ethical Hacking
Report this essay
He was sitting at his desk studying a computer screen full of numbers when Matthew Skala realized he could really change things. He could make a difference in the world. He didnt have to kill anyone, or even attend a protest march. Like a modern day Robin Hood, Skala would take from the info-rich and give to the info-poor. Using only his computer, he would write a 40-page essay and a small computer program, then fire off a quill of email arrows. Thats all. But this would be enough to bring on the wrath of corporate America, and the support of free thinkers the world over.
In late January 2000, 23-year-old University of Victory graduate student Matthew Skala teamed up with a fellow in Sweden named Eddy Jansson to take on Cyber Patrol, the most widely used Internet “Parental Control” software. The Victoria public library and all Vancouver schools use Cyber Patrol to limit access to pornography, violence and other questionable subjects on the World Wide Web. Cyber Patrol is made by Microsystems Software Inc. of Framingham, Mass., which is owned by The Learning Company of Cambridge Mass., which was owned by Mattel Inc. of El Segundo, Ca.
To support notions of universal rights and freedoms for all–and especially youth–Skala and Jansson meant to show that, like all such “censorware”, Cyber Patrol restricts access to perfectly legitimate websites, newsgroups, and other Internet resources. Furthermore, Cyber Patrol secretly guards the list of websites that it blocks. Skala and Jansson took offence to this because without knowing what is being blocked, there can be no public debate. The young programmers were also bothered by the esthetic of the software itself. “Most parental control software is of low technical quality,” says Skala, “and when we looked at Cyber Patrol it was the same.”
The products motto adorns a police-like crest on the Cyber Patrol package–To surf and protect–but it was no joke when Mattel sued Skala and Jansson for copyright infringement after they decoded Cyber Patrol and then showed everyone what they found.
Jansson had already “hacked” NetNanny, another popular parental control program, but the math in Cyber Patrol was too daunting for him. He contacted Skala for help. Originally from Sooke, BC, Skala has been programming computers all his life. He was 10 when he joined the Big Blue and Cousins PC users group in Victoria. Hes still a member, in charge of the clubs computer system. At U.Vic he won a prestigious National Science and Engineering Research Council scholarship worth about $34,000.
Skala was easily up to the tricky math that Cyber Patrol used to encrypt its passwords and blocking list. It took about six weeks to break the code. Skala says, “The math required solving a system of linear equations using modular arithmetic, which makes it a second or third year university level problem.”
When asked how he felt about the legality of what he had done, Skala said, “Im not a member of the computer underground or anything like that. These are skills I use in my regular work.” Last year, working at the Pacific Forest Centre in Victoria, he used similar reverse engineering tactics to recover thousands of dollars worth of remote sensing data. “U.Vic has a reverse engineering research group in computer science,” says Skala. “Its a perfectly normal part of programming used throughout the industry.” Its also specifically forbidden in the Cyber Patrol licensing agreement.
On March 11 Skala and Jansson published an extremely detailed and accessible essay, described everything they found, and attached a small software tool so that anyone could look and see for themselves how Cyber Patrol worked. The essay was so good that numerous computer science professors around the world mounted it on their webpages as an instructional resource.
With a kind of hackery fervor, these young men succeeded in their mission. They showed the world that Cyber Patrol blocks websites like Planned Parenthood, Envirolink, Nizkor (a famous BC site debunking holocaust deniers), The Ontario Centre for Religious Tolerance, The Aids Information Centre, Mother Jones Magazine, and many many more. This fact is not revealed anywhere in the program, in the documentation, or on the Cyber Patrol website. Users never know what they are being denied, and this is the crux of what Skala and Jansson were trying to do. “We werent really wanting to put the list of sites in the hands of children,” says Skala. “The main reason we wanted to show the list was to begin an informed debate.”
On March 15 Mattel Inc., decided to hold that debate in a court of law. They sued Skala and Jansson for copyright infringement, breach of licensing agreement, interference with advantageous business relations, illegal conversion of the product for own use, and theft of trade secrets.
Mattel also demanded that Skalla and Janssons Internet Service Providers (IslandNet in BC, and Scandinavia Online in Sweden) be forced to turn over a list of the identities of anyone who had looked at the Cyber Patrol postings. This galvanized the support of numerous freedom of information groups who had been waiting for a case like this to test the new, and what many consider draconian, US Digital Millennium Copyright Act of 1998. Skala and Jansson were heroes. But the press portrayed Skala, a mild mannered graduate student, as a lawbreaking skin-head hacker. (While Skala does shave his head, its more of a fun fashion statement than anything else. “It was kind of a pre-millennium thing,” he says. “I figured there were a few things I wanted to do before the world came to an end on January first.”)
To programmers, hacker is not a four-letter word. Hackers are people who do cool things with computers, usually for free. (The whole Cyber Patrol episode actually cost Skala about $3000 for legal and other expenses. He never received any money from the many organizations supporting the cause.) Dont confuse hackers with crackers who maliciously break into computer systems to damage and destroy.
Skala is your average ordinary likable computer nerd. Picture him as a young Bill Gates, except with a shaved head and left-leaning politics. On his website he waxes romantically on why girls dont sit next to him on the bus, or about finding an old kite in the garage: “I have not yet succeeded in using my kite as the cornerstone of a pick-up routine, but that of course would be one good use for it.”
Hackers, in the original sense of the word, change the world by hacking away at things. They love their computer