An open letter to the Hacker Community.

I have been known by many names. Cyberjunky, Cjunky, CJ, Marc. I am a Hacker and a father. These two things shape my life and generally fill it with joy.

I have done many things in my time on this blue marble flying through space. I have done things I probably shouldn’t have, like being somewhat responsible for the first case of “Hactivism” (yes my CDC brothers I know you coined the name), through to owning most of the internet through the 90’s. Using # as the first character in hosts.equiv was probably a bad idea when people could easily compromise DNS. (Sorry Dan, you weren’t the first). I and some close friends formed one of Britains first hacker gangs, “AoHP”. (According to the UK CCU in the 90’s, all Hackers were naive individuals being led by the agents of a hostile power).

I met my wife on IRC, we dated by causing massive netsplits and turning channels into monty python sketches. We’ve been married 20 years. I have no idea why she puts up with me.

Marriage and kids caused a tectonic shift for me. I both realized I needed to grow up, and that I also had a gift that could change the world. I rediscovered the meaning of “Hacker” and joined the community that now means more to me than life itself. Only my wife and kids come first. I learnt that hacks could be constructive. I’ve lost count of the things I’ve hacked and fixed. From watches and glasses to cars and supercomputers, I am bound by a code of ethics and rather than finding it constraining, I have found it liberating and empowering.

DEF CON for me is the spiritual home of that community. My hacker family. I come every year with one goal in mind – to make it better, safer, more welcoming, more transparent. My secondary mission is to show that my brothers and sisters are a critical part of the future. Rather than strange people to be feared, we are a skilled workforce who can do everything from making the world a safer place, industry more intelligent and even save lives.

Instead of being arrested for this gift, I want to see it celebrated. This can only be achieved through trust, collaboration and community.

This year started on an amazing (but exhausting) high. My awesome team launched the first hacker conference helpline to keep attendees safe. We intercepted and resolved harassment issues. We built an aura of trust where people in serious crisis trusted the SOC goons to come forward and ask for help. Diversity is at higher levels than ever before. I couldn’t be prouder.

Then everything changed.

These recent events at Ceasars have broken my heart. I am fierce advocate for privacy. I understand why hotels need to adapt to a new threat vector. I had friends caught up in the horror of October. However, as a security practitioner and hacker, I hate security theater.

I knew about the searches from articles in the press. However I knew NOTHING about this:

http://twitter.com/kevincollier/status/1028781113160990726

If I had received this, in the interest of transparency, I would have informed you all. After all, that’s EXACTLY why I started the DEF CON transparency report. The timing of it looks odd.

I do not support or endorse these room searches or how they are executed. I sympathize with the challenge these hotels are facing but believe they need to take a harder look at the efficiency, impact and long term cost of this strategy.

We MUST NOT let our hotels become like our airports. If we do, then the terrorists win.

Similarly a hotel guest should have the right to feel safe and secure in their hotel rooms. If filming a reporter through the lens in her hotel door is a crime, invading someone’s room should be several orders of magnitude worse. Yes hotel staff NEED to check rooms but if we, who can change the very building blocks of life, can’t come up with a safer way to do this then we really aren’t trying hard enough.

I NEED your support to change things for the better because without you, my community, there is no point.

So I offer you my resignation. By not being aware of Caesars’ statement I failed you. I WILL not let this happen again. However if you no longer feel I am the man to defend you, my community, then I will leave. I suspect much of my team will leave too but….plus ça change.

I’ll leave you with some words I live by

“This is our world now… the world of the electron and the switch, the

beauty of the baud. We make use of a service already existing without paying

for what could be dirt-cheap if it wasn’t run by profiteering gluttons, and

you call us criminals. We explore… and you call us criminals. We seek

after knowledge… and you call us criminals. We exist without skin color,

without nationality, without religious bias… and you call us criminals.

You build atomic bombs, you wage wars, you murder, cheat, and lie to us

and try to make us believe it’s for our own good, yet we’re the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is

that of judging people by what they say and think, not what they look like.

My crime is that of outsmarting you, something that you will never forgive me

for.

I am a hacker, and this is my manifesto. You may stop this individual,

but you can’t stop us all… after all, we’re all alike.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

About Marc Rogers

Marc has been a hacker since the 80's and has worked in the security industry for almost 20 years. Some of Marc's professional highlights include a decade managing security in the operator Vodafone plc, and 5 years as working as the CSO for a real estate and asset management conglomerate in South Korea. Known as "Cyberjunky", "Cjunky" or just "CJ" in the hacker community Marc is the Head of Security and part of the CFP review board for DEF CON, the worlds largest hacker conference. After spending more than 15 years wrangling hackers, criminals and spooks Marc has seen it all. Sometimes several times at once. Professionally Marc uses his skills as a whitehat hacker and security evangelist to bring a positive outlook on security to today's global organizations. It's this outlook that Marc used when he helped put together the award winning BBC series "The Real Hustle". Today Marc works as the Principal Security Researcher for Lookout Mobile Security.

Category

Uncategorized