This site got me thinking about it. And this speech from H2K2, or rather the original essay which I remember reading years ago, not long after I first had Internet access, which was probably around 1993-1995. It was in the last couple years of the dominance of Gopher, just before the WWW really started to catch on (at least in ways I could access).

So, my perspective on these issues.


Warez (aka "pirated software") - I pronounce it "wares", not 'wah-rez' or 'way-rez'.

I've never been involved in warez except as a user of releases. I would bet that I am about 3 hops away from a release group; I know people I suspect are involved in the scene. But I've not had any interest in that, and I'm aware that security is a major issue for them, so I have never really asked for details.

My ethics about use of warez is relatively simple. It clearly is not direct theft, i.e. one in which you are stealing something from someone else in a way that deprives that person of the item. It is possibly indirect theft, i.e. if you obtain something through warez that you would otherwise have paid for, then you cost the seller that money you would otherwise have paid.

I'm a cheap bastard, so that means that if I can't obtain software for free I probably can't afford to pay for it, and thus I'm not in that category. Ergo, my obtaining software for free is not theft of any kind.

However, I have strongly advocated for others who *can* afford the cost of the software to just buy the stuff legit.

It is however ethical IMO to try software through warez that you do intend to buy if it is actually worth the money (i.e. if you would, in the opinion informed by having used the warez, decide to buy it if you couldn't get the warez)


Cracking

I've never done it, but I am fairly familiar with the theory. I simply have not had a need to actually try my hand at it.

Similarly, I'm only theoretically familiar with anti-cracking techniques, except to be certain that my level of skill at doing so is not going to surpass the skill of a good cracker.

I have only ever released one piece of software to the public; that was my shareware program SaiD3U aka Palm Familiar, a D&D companion software for Palm OS. I discontinued it because of legal reasons; essentially, the terms of the D&D owner corp's quote-unquote "open gaming license" were such that a viable program for a small-memory, slow-cpu platform was simply not worth the effort. (Essentially it would have required that all algorithms covered by the OGL be in plain text, aka XML, rather than hardcoded.) I made a couple hundred off of that in registrations while it was still in beta. I probably could have made a decent amount if I fully released it. Ohwell.

SaiD3U/PF had a serial-based registration system that I'm pretty sure would have been trivially easy to both crack and release a keygen for. I made no effort to guard against that, as I figured anyone skilled enough to even know how to start was skilled enough to be not worth my effort to try to stop. And also that my app wasn't nearly a big enough target for someone to try cracking it. :-P

(FWIW I have since almost certainly lost all the soure code, keygen program, and god-mode compilation .prc. If someone is really really interested I could be convinced to go looking through my backups and archives as it may be around there ... somwhere. But damned if I know where.)

As most people even vaguely in hacker mindset, I think that:
* obscurity is not security
* if enough people want it to be cracked, it will be, period; maximum time 6 months (e.g. StarForce took about that long to be broken)
- viz. Windows Vista activation is not yet cracked (there's a workaround though, which is time-limited to june '07). But I'm certain it will be way before then, even though I'm also certain that Microsoft paid a lot of people a lot of money to prevent just that
* cracking-prevention programs are often counterproductive, as they can be buggy, introduce other problems, or otherwise harass both legitimate and pirate users
* harassing pirates is an ineffective way to get them to stop or to buy the product, but only to make them want to crack the harassment
* cracking is ethically neutral, as (per above) it's the implementation that is ethics-bound


Hacking

Again, I've never done it in the "break into someone else's system for malicious purposes" sense. I have broken into systems for other (beneficient) purposes, though generally through (to me) relatively simple methods. I don't consider myself particularly skilled at it, but here I am comparing myself against what I know to be the standards amongst those who are.

Malicious purposes (e.g. virii to install rootkits to operate an eggdrop zombie farm) are by definition unethical an I am strongly opposed to them.

Neutral purposes can be ethical if done properly & carefully, e.g. purely for curiosity, exploration, etc; if the legitimate owner can't get in and needs a "locksmith" who can, etc.

Whitehat pruposes - e.g. breaking into a system and then telling the op how to fix it - are a good thing.

That's all I have to say about that.


"Hacker"

To me, this is not a label describing a particular set of activities (viz., cracking, system compromise, etc) but rather a general worldview and approach to things.

Components (some core, some cultural):
1. Curiosity. Wanting to know how things work, even if you have no particular intention to use them, just because - rather than being satisfied with the dumbed-down-instructions version
1.1 Analytical mindset. Desire and ability to figure out how things work in their detailed subcomponent parts and in gestalt. Applies to everything. (This post is an example.)
1.2 Rationality. Using valid logic routinely as a matter of course standard wherever it is applicable, e.g. to any empirical question and many emotional ones. (Emotion is frequently considered "irrational", but I disagree - it merely has a different axiom set and places a far higher stress on associative inference than inductive logic does.)
2. Control: Desire to be maximally in control of systems; irritation at artificial limitations to this, like restrictive permissions, poor design, etc.
2.1 Configuration. Desire to have things configured just right - which is essentially a matter of making up for poor design. (Note how many hackers are still happy with well-designed things, like ipod's UI)
2.2 Freedom. Extreme dislike of any sense of restriction on fulfilling personal desires or whims (even hypothetical ones), whatever the source.
3. Information freedom. Desire to have most information (with ethical limits) be as free and easily found as possible.
4. Humor
4.1 Recursivity and self-reference
4.2 Cross-discipline puns
4.3 Intellectual / dry / witty / serious humor
4.4 Terseness
5. Meritocracy. Lack of instinct for "respect for authority" or respect for people by virtue of the positions they hold. Strong instinct for respect based on acheivements, talents, skills, or other personal qualities.
5.1 Personalization. Strong dislike of depersonalizing, "soulless" systems.
6. Design aesthetic. Love of good design, things that Just Work Right, are Pretty, are Shiny, are Powerful, or are otherwise Good Things (tm).
7. Personal drive. Belief in one's own desires, interests, etc. Holding one's own values as more important than those of the surrounding culture. Disdain / pity for people without strong personal interests as borderline-zombies.
7.1 Internalization over obediance. Belief that un-internalized rules are borderline useless; that they will be "cracked anyway" if someone wants to; and disobeyed when not enforced. Thus a preference for internalized, consensus-based governance; decentralization; generic anti-authority / anti-centralization stance.
7.2 Drive-based learning. Learning things when and where they are useful to learn, or expected to be in the future (unless they come under 'curiosity for its own sake' above). Dislike of being forced to study facts that are irrelevant, uninteresting, rote, and bullimically regurgitated.
8. Systems approach. Belief that most things are systemic, rather than one-time exceptions; that the source of a problem in the system itself must be fixed rather than patching the symptoms; that systems are a powerful tool. And conversely, that systems can be evil inasmuch as they take a life of their own and start existing to sustain themselves, rather than to serve their original beneficial purposes, and that when that happens they must be reformed (if possible) or destroyed and replaced (if not).

You'll note that these have very little to do with what someone actually does per se, though the mindset lends itself better to some jobs (programmer, designer, artist) than others (corporate wageslave, advertising, yesman, etc). It is also ethically neutral; I consider the blackhat/whitehat or hacker/cracker sort of distinction to be a completely separate one, and that people can be any combination of the above.

Only an incidental byproduct of this is being a skilled computer programmer. I have only had a handful of computer projects I wanted to accomplish - I learned what was necessary to accomplish them. I am not particularly interested in/by programming for its own sake, though I certainly appreciate programming as an art form. I am thus quite (or completely) unskilled in a number of areas of programming, simply by virtue of the fact that they have never been needed to accomplish something I felt like accomplishing.

This is why I would describe myself as a 'hacker', and consider it a term of praise when applied to others.


Schooling vs education (a short rant)

One thing I think is a terribly unforunate truth in the original Hacker's Manifesto - one echoed by almost all hackers I know - is of the extent to which our schooling failed us. Betrayed us even, as schools should exist to teach, and we of all people hunger to learn.

Schools are not too bad for educating most people, I suppose. I wouldn't really know; I have little empathy for that area of things. I only know my experience and those of my peers.

I have been in "gifted" programs throughout my life; this meant I took advanced versions of courses and (for math only) was several grades ahead by virtue of outside schooling (Kumon). I was held back from being blanket promoted some number of grades; my opinion on this matter was not particularly sought or understood, so I don't know how or why that happened. I was utterly bored for 99% of school, with all the ego-destructiveness of that boredom. I was not, until relatively recently, driven enough to be able to overcome that and learn for myself except in limited ways. I was smarter than most of my teachers. I had a scant few who were worth anything; I remember those. Some, like Colin Quinton (my chemistry teacher in HS) were later corrupted by the system themselves, which is an amazingly sad thing to see happen.

I don't know whether it would be possible to solve that problem while still working within the existing system. On the one hand, to teach me properly - i.e. to really fully max me out - would require an individually tailored program, and probably some very smart teachers. On the other, retaining all the psychological and social support any human needs would be very challenging.

The halfass approach - where with mainstreaming I have always been too different to be assimilatable anyway and the opportunities I was given for self-teaching were too daunting and unsupported - is simply not viable.

It has to be solvable. I believe that part of it is to teach people by giving them real projects that they would be self interested in pursuing. Not busy work that is challenging purely for the sake of being work. From my perspective that is straight abusive. Not things that are completely dissociated from the real world, real projects, real useful things. Not the stupid shit that I remember from elementary and junior school, and much of high school - the glorified posterboards, 'art' projects in English and history classes, etc. Absolute trash. To make me really learn, you have to first make me care.

Once I care, damn near all you have to do is help me along the way - answer questions as they come up, provide interesting things to read and problems I could solve, etc. Play with serious toys. This was always true.

I think in all this that I am completely not unique. I would guess that most of my fellow hackers feel likewise, and many of my friends who are not hackers.

I'd like the problem to be solved before it comes time to educate my own children, but I will educate them myself if I think that is the best available solution.

(This is of course one of the reasons for my interest in teaching as a profession, though I don't know if I would find satisfaction in teaching at the level at which I am complaining about here, i.e. in elementary and middle school, unless I were exclusively teaching hackers like myself - that could indeed be very rewarding, if combined with the usual assortment of other gigs.)