People of IPR
Thu August 1, 2013
NSA And Aaron Swartz Hot Topics At Hacking Conferences
Yesterday the director of the National Security Agency, Gen. Keith Alexander, spoke at Black Hat to a sometimes hostile crowd.
And an internal report by MIT earlier this week found no wrongdoing by the school in the case of Internet activist Aaron Swartz.
These two things have given attendees at the conference a lot to talk about.
JEREMY HOBSON, HOST:
It's HERE AND NOW. Hackers from all over the world are gathered at two big tech conferences in Las Vegas this week - Black Hat and Def Con. And there has been a lot going on. We're going to talk about it now with NPR's Steve Henn, who is there. Hi, Steve.
STEVE HENN, BYLINE: Hi.
HOBSON: So let's start with what happened with General Keith Alexander. This is the head of the National Security Agency. He was speaking to attendees. Let's listen.
(SOUNDBITE OF ARCHIVED RECORDING)
GENERAL KEITH ALEXANDER: Our nation takes stopping terrorism as one of the most important things.
UNIDENTIFIED PERSON: Freedom.
ALEXANDER: Exactly. Because we stand for freedom.
UNIDENTIFIED PERSON: (Bleep)
ALEXANDER: Not bad.
HOBSON: So Steve, a hostile reception for General Alexander.
Yeah, absolutely. You know, the NSA has come here to Black Hat and Def Con to recruit for years. You know, some of the top computer scientists and security researchers in the world are here. The NSA needs to deal with these people. And Alexander came in part to mend fences, but he faced at times a pretty tough reception.
Now, another big topic on the minds of people at the conference is this story that has been developing this week about Aaron Swartz - this is the young computer programmer who committed suicide in January after being targeted by prosecutors for downloading millions of academic articles on the MIT network. Earlier this week, MIT released a report saying that university administrators did not press the authorities to prosecute Aaron Swartz. Steve, tell us about how the people at the conference are reacting to all of that.
HENN: There's a lot of skepticism. The phrase hacker actually was coined at MIT years ago, and many people here who have looked into the case believe that what Aaron did wasn't really at all criminal, that if MIT had told federal prosecutors to drop the case, that this could have played out entirely differently.
HOBSON: Steve, tell us about this conference in general. What are people going there for? What kinds of people are there?
HENN: Well, you know, it's a really broad spectrum. You have business people who work at big computer security firms, and you know, in many ways for them, it's like any other conference. They're here to drum up business. But you also have researchers delivering papers about different ways they can hack into products that most people wouldn't think you could hack, like oil platforms. You also have sort of a big countercultural, you know, almost festival atmosphere. You go Def Con, and there's the Wall of Sheep where folks sit along a wall and try to hack into your, you know, mobile phone or computer while you walk by. And if they do, they post your name to shame you, you know?
There are puzzles. There's a game of capture the flag where, you know, you're not actually capturing a flag, but you're trying to hack into an opponent's computer network. It's really a collection of very bright, very curious people interested in how the technology that surrounds us works and how they can poke holes in it.
HOBSON: But isn't a lot of this hole poking that is going on illegal? It's sort of interesting to have a conference that's very official and all these people are flying in from all over the place to meet to talk about hacking when in fact much of what they do would not be sanctioned by the law, if you will.
HENN: Well, a lot of these folks have grown up. I mean they may have started, you know, dancing along the edges of the law. But many of them now work at reputable companies. They're hired by big firms to test security within the firms. So I'd say probably most of these people aren't breaking the law.
There are security researchers who are doing work on products that they don't own, but they make the case that really they're almost like the investigative reporters of the digital age. They're ethical hackers. And that's one of the reasons so many people here are concerned about the Aaron Swartz prosecution. They fear that aggressive prosecutions of people who are playing around with computers this way and trying to expose problems could criminalize what they see as a public service.
HOBSON: And Aaron Swartz was 26 years old. What would you say is the average age of the people who have come to this conference, Steve?
HENN: It's older than you might think. You know, this conference is 21 years old. Now, I would bet that the average age now is 40.
HOBSON: Hmm. Wow.
HOBSON: Hackers with a lot of experience.
HENN: The community has grown up. Twenty-one years ago when it was founded, it was just kids. But those kids now have kids. There's a camp where they actually...
HENN: ...take their kids and send them to camp at Def Con and teach them to hack.
HOBSON: The next generation of hackers. Steve Henn, technology correspondent at NPR, joining us from Las Vegas. Steve, thanks so much.
HENN: Oh, my pleasure. Transcript provided by NPR, Copyright NPR.