Women Hackers

Cornelia Sollfrank

Lecture march 1999, 'next Cyberfeminist International'
First published in: 'next Cyberfeminist International', obn, Hrsg. C. Sollfrank

The net has become a virtual, real and omnipresent part of life. Those who are not on-line find themselves confronted with www-addresses everywhere, with advertisements for IT-technologies in TV commercials and on bill-boards. They feel surrounded by this new, mysterious presence. And this pervasive image carries the message that life will be better thanks to the high-speed information highway. We will all work and learn more effectively, consume better and cheaper products, get better medical care, have more interesting friends and more fulfilling love-stories when we are on-line. But there is also a dark side to this glittering promise: the exploitation of third-world labour, the monopolisation of software, the globalization of economies, comprehensive information control and surveillance, and the cyborgization of our bodies. Both technophilia and technophobia flourish, creating an ever-growing gap. It is there, within that gap, instigated by the insiders---the developers and users of technology--that a politically motivated, constructive critique could and should take place. Within that specialized company there is one notable cultural environment which can be located and defined--the hacker scene.

What is a hacker?

Before going further I think it is necessary to take a closer look at the meaning of the term "hacker". A clear definition is difficult because the word has changed since it came into existence, and also because of the discrepancy between the hackers' self-image (self-definition), and the public image (mostly defined by the media). When the term was invented in the 60s at MIT, it was definitely an honour-able title. Hackers were known for their resourcefulness and their persistence in solving software-related problems. The first hackers created the 'hacker ethics' (as described in Stephen Levy's book "Hackers", 1984) which was based on the idea of freedom of information and respect for other peoples' data. But due to some spectacular hacks in the 80s and their subsequent representation in the media, the term hacker today has a negative image and criminal connotations. Today, hackers are fighting this negative conception by referring back to the early 'hacker ethics'.

I would like to offer a variety of definitions, drawing on the Hacker Jargon Dictionary by Eric S. Raymond: There we can read that a hacker (originally, someone who makes furniture with an axe) is:
1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary.
2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.
3. A person capable of appreciating hack value.
4. A person who is good at programming quickly.
5. An expert at a particular program, or one who frequently works with or on it; as in 'a Unix hacker'. (Definitions 1 through 5 are correlated, and people who fit them congregate.)
6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.
7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.
8. [deprecating] A malicious meddler who tries to discover sensitive information by poking around. Hence 'password hacker', 'network hacker'. The correct term for this sense is "cracker."
These definitions do not only refer to computer hacking but also provide the opportunity to expand the term to include all kinds of systems (see 6.+7.). They point out that the actual terrain is not necessarily technology, and that the main characteristic of hacking is the attitude in which something is done. But in addition to the 'right' attitude, knowledge and skills are indispensable. So one of the most famous hackers' mottoes is: "Hacking: Attitude and Competence!". To generalise, one could say that hacking is all about learning and free inquiry.

This kind of inquisitiveness, however, does not have exclusively positive connotations; it is also equated with poking one's nose where it does not belong and asking awkward questions at the wrong time and place (1), especially when hackers' actions reveal the unreliability and insecurity of systems which are sold to the public as secure. In these cases, hackers are labelled by politicians and the media as dangerous criminals who steal sensitive or commercially valuable information, cause damage and endanger, in a worstcase scenario, national security. This is how hackers are usually viewed by the public, and onto them is projected all the uneasiness regarding new technologies. The fear of hackers is nothing other than the fear of uncontrollable and, for most people, mysterious, new technologies.

In order to distinguish themselves from people with purely criminal motives--who do, of course, exist--hackers themselves introduced the term 'cracker' (see 8.). Cracker might be defined as a kind of hacker, hacker minus attitude (or with too much!). But this distinction has not gained wide acceptance. Nowadays, the term 'cracking' is mostly applied to a specific branch of hacking. There is a huge and well-organized scene which specializes in cracking all kinds of software, from operating systems to games. The 'Crackers' use the net only as tool for distribution, and do not work explicitly on network concerns. Cracking is of course illegal, because it means that licensed and copyrighted software is published for free; but crackers claim that what they are doing is legitimate, since according to the original hackers' ethics, information should be free.

What does hacking mean?

The first spectacular computer hacks made the hacked systems visible. Formerly closed networks suddenly became public, and of public interest. The public had not previously known of the existence of such systems nor had any idea of their importance. The rendering visible of these systems raised questions such as who stands behind them, who controls and manages them and in whose interests.

Hacking into a computer system means coming face to face not just with the technological apparatus, but also with the knowledge and information framework which backs it up. The technological systems are run by so-called experts who, in the organisation and operation of the system, wield a lot of power. That these experts often fail, and that their systems are unreliable is an incidental discovery of hacking, and certainly helps to deconstruct the image of the suggested all-pervading power. But the more important insight is that technological systems are about controlling knowledge and information and therefore about controlling power. This adds a political dimension to hacking, although most of the early hackers weren't particularly concerned about the political dimensions of what they were doing. (Even now, many hackers prefer to focus on the 'sporting' aspect, placing themselves in the political spectrum as "liberal" or even "uninterested".)

There have always been closed knowledge systems in most societies, and technology is traditionally used for building and maintaining such repressive structures. Anything that liberates such information is, therefore, anti-repressive, and aids the struggle for open knowledge systems. Hackers have created a new category of illegal knowledge. They are developing effective tools and strategies of resistance that we need in the information society.

Working for a free flow of information is one concern; another, very important and constantly growing concern is the development and distribution of free software. The open source movement became a mass movement and has proved that collaboratively and carefully developed software (e.g. Linux operating system) is not just cheaper, but often of better quality than commercial products.

And, as a third main concern of the hacking community, I would like to name cryptography, the efforts to render data traffic anonymous in order to protect sensitive data and the private sphere of the individual. So, on the one hand hackers work for the opening of knowledge systems and provide handy tools for this undertaking, and on the other hand work for the protection of the individual. Actually, we are experiencing a kind of revival of the hacker myth in the late 1990s. It is now being acknowledged that hackers represent a group of experts who practise resistance from the inside, whereas in the 1980s hackers were an elite handful of peo-ple who could easily be criminalized by the mass media, given that what they were doing was, as far as the broader public was concerned, cloaked in a cloud of mystery. Hackers were labelled the 'wizards of the information age' as they seemed to be able to control the machines which control people. On a technological level, hackers are able to look behind the scenes of the new media/ technologies and therefore certainly have a lot of power. But nowadays they are starting to organize and publish their ideas, reach a wider public and acquire political influence. Thus people today have a better understanding of the concerns of hackers than they did ten years ago. Hackers are still the heroes of the information age as they seem to be the only ones who can adequately respond to the challenges which go along with the complete restructuring of our society, but they have also started to demystify their own process.

The computer-literate rebel as a species was anticipated by science fiction. It is not just that many hackers find their role-models in cyberpunk sci-fi stories, but also that many of the literary fantasies of the 80s have meanwhile become reality. According to Rosi Braidotti (2), sci-fi writers "strip the veneer of nostalgia that covers up the in-adequacies of the present cultural (dis)order, and push the crisis to its innermost resolution".

Further evidence of the increasingly positive connotation of hacking is the fact that the term itself is being appropriated in many non-technological fields. It stands for a method of thinking and working which breaks up or into all kinds of systems and questions their reliability or integrity. You can, for example, hack theory, competitions, political organisations, the body, gender or the future. One could also say that the term "hacking" is often used today in the sense which people ten years ago would have used "deconstruction". But hacking contains the additional implication of subversion and underground, and has be-come popular in a culture where political activism is also a question of lifestyle.

Women hackers

In the course of pursuing my interest in hackers and their work, I attended several hackers' meetings. Naturally, as a cyberfeminist, I was looking for women hackers. In the beginning I tried to ignore the fact that the few women who participated in these meetings were not actively involved in computer hacking, and did not consider themselves to be hackers. It took me a while to realize that in fact there were NO women hackers. Why?

In the beginning I assumed that this was more or less a coincidence, and I started to search more specifically for them. I asked around, talked to hackers, posted calls on several mailing lists and in news groups. Most people told me that there certainly WERE female hackers, but nobody had any detailed information. A German correspondent wrote that he had once seen a woman hacker at a meeting in Holland. She had shown up and then disappeared, a bit like a ghost, and he sounded rather sad that he wasn't able to get to know her better.

I also addressed certain people personally in my research, for example Bruce Sterling, a writer and specialist in the US-hacker scene. He wrote me back: "It's true, there are NO women hackers, but it no longer amazes me. Hacking is a teenage-male voyeur-thrill power-trip activity. You don't find female computer intruders, any more than you find female voyeurs who are obsessed with catching glimpses of men's underwear. Women are very, very rarely arrested for sneaking around in the dark of night, peering through bedroom windows. Teenage males are arrested for this all the time. It's not that women are physically or mentally unable to do it. It's just that there is no motive. Don't believe me? I would advise you to go to some cracking sites, and get the omnipresent point-and-click software, and go ahead and crack into some computers. You will soon discover how incredibly dull it is. There is no emotional payoff there. You don't find young men who shoplift cosmetics, they just never do that. But young women do that ' all the time'--stealing expensive lipstick and hiding it in your purse, that is the female emotional equivalent of a hacking-crime. There aren't many women who cruise around sites trying to snitch passwords and break into stuff at random. I don't know of any such women, personally. And I've never even 'heard' of a woman who did it on her own, without some boyfriend at her shoulder eagerly telling her how exciting it was. I once heard Jude Milhon vaguely refer to such a system-cracking woman. But I think it was an urban legend ..." Basically Sterling does not make the distinction between hackers and crackers. And he says that women do not have a motive for hacking, because there is no emotional pay-off for them. Is he imputing a very poor emotional life to men, who seem to get a kick out of such dull activities? And why should girls or women not go for any power-trip activities? But what surprised me most was the fact that he completely left out the political dimension of hacking. And he implies that, because it is a silly thing anyway, there is no need for women to start doing it.

Another specialist I've come across in my research is Gail Thackeray. She is not a hacker herself, but is prosecuting them. She is member of the Special Counsel for Technology Crimes at Arizona Attorney General's Office, and is currently building a new computer crime unit. She had her biggest successes in hunting hackers in the early 90s, and she is feared and hated by the hacking community. I met her on an American hackers list, where I had posted questions and asked for gossip about her. The first answer I received after my request was from Gail Thackeray herself. Obviously she subscribes to all relevant lists and follows what is going on. She said that she would be very interested in the gossip about her. I tried, of course, to squeeze information about women hackers out of her. Here is her answer to the question: "No, there are no serious technical women hackers. It's still largely a white male thing, at least here in the US. [Only one black hacker in Arizona (retired), and one in New York]. There were a lot of women phone phreaks, though for the most part they were merely "finger hackers" and more interested in the social aspects than the technical. One of these was "Kyrie" who got dozens of adoring adolescents to fund her escapades by stealing credit card numbers and posting them to her hacked-out voice mail boxes; she also had several who stole credit cards and sent her $$ by Western Union, under aliases. Bill Cook (formerly an Assistant United States Attorney in Chicago, now a private attorney) prosecuted her, with a little help from us. Again, she wasn't all that adept technically, and her motivation seemed to be part fame and part money. She went to prison for fraud."

To my question as to why there were no women hackers, she explained: "Men and women (warning: sweeping generalisation coming!) seem to obsess about different things, by and large. Even though many little girls play baseball, you never meet one who obsessively memorises the professional baseball stats the way whole armies of boys do ... Part of the lure of hacking is the same role-playing thrill people get from games like Dungeons & Dragons--another obsession more male than female. It's a (false) power rush, illusion of control, dominance, etc. to "take over" a system. The illusion of danger (very few hackers ever get caught, not because they're so clever, but because hardly anyone is working this beat) spices up what is really a fantasy game using other people's systems. In reality, few hackers are particularly creative--the vast majority are shameless plagiarists, using tools others have invented, invading systems that have no reason to be especially secure. I don't know why girls don't go to the "dark side" of the Net in the same numbers that boys do--why are there so few women CEOs of tech companies in Silicon Valley, where everyone can be a startup CEO? We get lots and lots of women passing bad checks and using false ID--but the actual counterfeiters so far are predominantly male. Dunno why.

I would think some of this must be changing, with virtual workplaces and such--after all, if "on the Internet no-one knows you're a dog," how would they know whether they're hiring a woman? I know there are a lot of women in Webpage design firms--maybe ask some of them whether they were ever hackers and if not, why not. The illegal kind of hacking-for-glory is a rather adolescent pursuit: maybe girls go through some other phase ... As to prosecuting male hackers, I prosecute lots of different kinds of crimes---statistically speaking, there are many more male criminals than female, though the difference is diminishing in the USA. As prosecutors, we meet the victims and become familiar with the adverse effects of crime on them, their families, businesses, etc. Usually, law enforcement is reactive --a victim complains of injury--rather than going out looking for offences being committed. Even undercover investigations like 'Operation Sundevil' are usually a response to complaints from a whole group of victims. It's not that we're targeting young male hackers, it's just that that's who we find, by and large, when we investigate the complaints."

It is characteristic that her argument leaves out any political reasons for hacking. She is tracing back hacking to psychological deficiencies from which male juveniles seem to suffer particularly. Thackeray represents "law & order", protecting helpless victims of criminal hacking activities.

But finally I came across one woman hacker who even made it into history. Her name is Susan Thunders, and she is described in the book "Cyberpunk" by Katie Hafner and John Markoff, 1991. She was a member of the so-called Roscoe gang in Los Angeles in the early 80s. She was a specialist in military computers, and her most outstanding ability was to manipulate other people. The following story of Susan is retold from the book.

The gang was named after Roscoe, her boy-friend. Another well-known member of the gang was Kevin Mitnick, who became a very well-known hacker after the gang era and currently is serving a three year prison term without an indictment.

First of all, they were telephone phreaks, which is to say they hacked telephone systems to make free phone calls and to tap other people's calls. They could do anything to telephone systems, change people's number, cancel accounts and so on. When the control mechanisms of the telephone companies switched to computer systems, the Roscoe gang also started to work with computers.

Susan was a tall blonde and worked as a prostitute in Hollywood. She had been mistreated and abused by her family and had started to look for comfort through the telephone. There was a telephone conference circuit she used a lot, called HOBO-UFO, and after a while she became interested in who was behind it. She contacted the operator, who was Roscoe, and they became friends and lovers. They had a lot in common, both having a penchant for psychological subversion, which means they were both good at manipulating other people. And she was infected by his fascination for computers.

For Susan it was a love affair, whereas Roscoe saw it more as a business partnership. She was his protégé, and showed great talent in invading computer systems. She specialized in military computers. Although she was still a beginner she could compensate for her lack of knowledge through her social abilities. One classic method she used was to go into the military bases, hang around in the officer's club, make contact with high military officials, make love to them and afterwards search their documents for passwords and information. And all the money she made through prostitution, about $5000 a month, was spent on computer and telephone equipment.

She was fascinated by power, and the computers which contained the most primal and secret information about military affairs were what attracted her most. There lay the real power, and she wanted it. But she still considered hacking as an art rather than as a source of income. She also loved spying on people and confronting them with the information she had collected about them.

After a while she found out that Roscoe was two-timing her and that he was planning to marry the other girl, who was a middle-class law-student. He split up with Susan brutally, and even her threat to betray him to the FBI failed to make him change his mind. She, however, was obsessed with revenge and started to collect material and hand-written documents which would incriminate him as a hacker. She monitored the phone lines of Roscoe, his girl-friend and Kevin, and started a multi-level private war against them. When she was sure of her evidence she contacted the investigation department, giving her concern for national security as her official reason for doing so. During the trial she was the main witness and assisted the prosecution with explanations of computer technology. Roscoe was sentenced to 15 months detention.

After that she gave up her hacking activities and became a security adviser. Two years later she was asked to join a hearing at the US Senate in Washington, where she spoke on national security and was a sked to demonstrate her knowledge. She was given a computer, a modem and the name of a system she should hack; within twenty minutes she had the entire secret data of the system on her screen. She had brought all her talents into play, including her ability to convince people on the phone to hand out passwords, and thus provided incontestable proof that the weakest link in the security chain is the human being. After that performance she completely gave up her computer and telephone activities and embarked on a career as a professional poker player.

That's what the story tells. We've heard above that women do not have any reason to break into computers. That was obviously different with Susan. She had reasons: a propensity for escaping from the real into the virtual world, combined with her desire for power and control; and certainly she wanted to impress her boyfriend. After Roscoe had left her, her strongest motive was revenge.

It is not clear if this is all based on fact, but the book claims to be a documentary account and is written by serious journalists. In any case, constructing the image of a woman hacker who is actually a whore fits perfectly into the convention of discrediting hackers by referring to their psychological deficiencies and immorality, and by imputing criminal reasons to what they are doing. And, if the hacker is a woman, nothing is a surer sign of her immorality than her being a whore. Sex, crime and technology all come together in the person of Susan Thunders. Sex was one instrument in her power play, technology another. Additionally, the whore also functions as a projection field for fears in a similar way that hackers do. But instead of representing the dark sides of technology, the whore represents the dark side of sexuality. Although Susan Thunders was a hard-core computer hacker, her hacker image will always be associated with her being a prostitute. It is unlikely we will ever hear the story of a male hacker who uses his sexuality in order to 'do his job', although other manipulative social engineering behaviours clearly belong to male hacking practice.

Hacking and Cyberfeminism

My research shows that extremely few women are active in the field of hacking. It is not just in the commercial development of technology, but even more in alternative fields and the technological underground that there are so few women involved. No matter what area of application and no matter what the objective, the borderlines of gender are still maintained. Of all the technological spheres, however, it is in the hacker scene that we find the fewest women. Hacking is a purely male domain, and in that sense a clearly gendered space.

The starting point for dealing with the subject of women hackers was the importance of the work hackers do, their function in society and the persistence of the practice as described above, linked to the fact that almost no women hackers exist. I find it significant that the deconstruction of the all-pervading power of technology, from a cyberfeminist point of view, has first to be combined with a gender-specific deconstruction of power, since technology is still, primarily, associated with maleness.

Although the handling of technology that traditionally has been female-associated, industrial machinery, scientific projects and computer languages have all been symbolized by female names, so the borderline between femininity and technology can be located where such attributes as technical competence, power and control over technology and the construction of machines are introduced. As Heidi Schelhowe, a German computer scientist, points out in her paper "Computer in der Informationsgesellschaft: Technolo-gie mit neuem Gesicht Ñ und altem Geschlecht?", it is the task of gender studies in technical sciences to deconstruct the category of 'technology' per se, in the way that gender and sex are being deconstructed by the social and human sciences. Technology has traditionally been perceived as something that is based on abstraction and logical thinking, on reason, all characteristics which traditionally have male connotations, whereas femininity has been associated with nature, emotion, mysticism, and intuition. But although abstraction has been posited as the antithesis of a nature-related and physical femininity, one might argue that abstract thought is something which is basically independent of physical condi-tions, i.e. also of gender. The simple presence of more women, however, would not necessarily change the resulting products. The demand for a higher proportion of women in technology implies a desire to question traditional assumptions and to raise consciousness regarding technology-implicated power structures. Software development and the required competencies have to be redefined. The new and still ungendered fields would then offer new opportunities for women (3).

In the same way as Schelhowe argues on behalf of computer science, I would like to argue, for the hacker scene, that it is imperative to deconstruct technology in the described way and to stop closing our eyes to the fact that 'the hacker' is a white male. Hackers do not just represent a danger for closed knowledge and power systems, but are, paradoxically, simultaneously representing them in the sense that only white males embody the new illegal knowledge.

While this opinion contains a generalisation about men and women and refers to the biological sex of a person, it also relates to the social construct of gender, and therefore recalls the feminist arguments of the 70s. But obviously, girls and boys are still brought up in different ways, and develop different preferences. It is necessary to face this fact and the resulting conflicts in order to bridge the gap between social and political realities and wishful cyberfeminist thinking.

I am not assuming that women and technology necessarily have as special and as close a relationship as certain cyberfeminists proclaim. My clitoris does not have a direct line to the Matrix--unfortunately. Such rhetoric mystifies technology and misrepresents the daily life of the female computer worker. The simple fact is that most women prefer to spend their lives doing other things than programming fanatically or exploring the depths of the net. And even within the cyberfeminist community, there are only a few computer professionals, and fewer nerds.

Currently most women seem to prefer to undertake politically engaged work in a purely cultural environment and on a non-technological level. Women are not actively influencing the development of hard- and software, and therefore are surrendering any chance to share the related power. The question is, whether cultural/ aesthetic practice alone can sufficiently affect technological development, or whether women finally will have to get their hands dirty with technology. We have to ask ourselves questions like "How deep do we have to get into technology in order to be able to handle it consciously and be able to influence technological developments?", and "What prevents us from just going for it?" and "Does cyberfeminism necessarily require technical competence, or is it sufficient to theorize about technology and to focus on the social, cultural and political aspects of new technologies?"

We are living in a mental climate which is full of contradictions. Utopian theories promise a post-humanist age which is marked by gender- and body-obsolescence. On the other hand, the individual is still part of the power structures constituted by capital, race and gender. We have to bear with this contradiction, try to attenuate the power and the explosive force of the new utopias, and build new social realities with it.

To finish, I will give a brief glimpse into the near future when the world will be populated and shaken by women hackers, who are out of control: Please have a look at he Guide to Geek Girls (p. 48)

edited by Tina Horne

(1) Patrice Riemens, HEART - Don't panic! Hack it!, INFO WAR, ars electronica 98
(2) Rosie Braidotti, Cyberfeminism with a difference
(3) Heidi Schelhowe, Computer in der Informationsgesellschaft: Technologie mit neuem Gesicht -- und altem Geschlecht?

Images:
1) Logo of the German Chaos Computer Club
2) Grave-stone of Bill Gates, located at HIP, Hacking in Progress, 1997
3) Nerd-wear Logo
4) HIP, Hacking in Progress, Tent of the Dutch Webgrrls, foto by Sabine Helmers
5) Illustration of the Hacker Camp 'Heart of Gold', Berlin, 1999
6) Geek Chic Pin-up Calendar, 'January's Hot Hacker'
7) Geek Chic Pin-up Calendar, ' Fox February'