HOUSE_OVERSIGHT_018340.jpg

then inevitably kernel.org or it’s equivalent in any system is the ultimate target. Hackers might start with beer (your phone), a few glasses of wine (your office email system), but what they really want is full blotto (kernel.org). Such central black boxes exist in any linked system and they represent, at once, both the greatest accomplishments of our most masterful systems designers and the point at which other, as masterful digital machinists direct their most relentless attacks. Dullien saw something else too as he considered the work of hackers. Comparing system cracking to drinking wasn’t an accidental, funny aside for him. Hacking was almost a kind of addiction. It became a chase after a bigger and bigger high, which in computing terms meant a race to compromise as many machines as possible. Rapid escalation, a loss of self-control, the need for more and more - all these are the hallmarks of the best widespread attacks, which aim to expand the “compromise boundary” until every machine has been made sick. This is why stealing source code, the original instructions that lay behind any computer program, are sucha prize for Warez Dudes. Source code is the DNA of the black box, in a sense, it can be used break into other machines to, well, steal still more source code. This looked, to Dullien, an awful lot like addiction. And it’s not just lone teen hackers looking fora dopamine jump who were chasing machines with a blind addicts urgency. It infects governments too. “Surprising realization (at least for me) after the Snowden leaks,” Dullien observed. “Hacking is so addictive that entire organizations can become addicts and show addict-style behavior.”!55 This was the NSA or GHSQ or who knew what other intelligence service, for instance, in a feral hunger for more and more and eventually all data. And the ultimate high? Imagine if you could crack the CA, the Certificate Authority that provides proof that anyone working on a network is trustworthy. CA “trustworthiness guarantees” are keys that permit access to any computer, phone and network. The whole connected world depends on CAs to know if software is safe. To control the CA would be a dream for an addicted organization, like a set of keys to the local pharmacy. No lock would really serve much ofa purpose. You could touch the beating heart of any machine on earth. The ultimate black box. We should all hope the CA, at least, always remains pristine in this dangerous world. It was hacked in the summer of 2011. 6. Dullien’s observation that “every hacking binge ends at Kernel.org” touches something far deeper than just the world of hackers. Sure, that urgent drive to get to the very core of systems is a very specific, unquenchable digital thirst. It’s where the most power is, as we've seen. There’s a rush in getting there: When brain researchers found a spike in dopamine levels of university students engaged in password hacking, that was hardly a surprise to anyone who’s ever written or used 155 "Surprising realization”: Thomas Dullien, “Offensive Work and Addiction”, keynote presentation delivered at ISACA Nordic Conference (2014) 108 HOUSE_OVERSIGHT_018340