Hernandez 1
Cesar Hernandez
Prof. Martinez
English 1101
April 3, 2013
A Club of Hackers; Because Everyone is a Hacker
An Ethnographic Study of a Club of Hackers’ Discourse Community
Breaking News: “Hackers’ credit theft creates financial headache”, “Hackers steal US
government corporate data from PCs”, “Hackers Called Truth Seekers”, “Hackers’ for good:
Uncle Sam is looking for patriotic computer geeks.” Headlines like these nowadays come up so
often on major newspapers and news channels that the term hacker has come connote criminal
activities and anyone associated with it is automatically deemed to be nothing more than a low
life exploiting the hard work of others. However, this is not the case, and it is my intention with
this paper to demonstrate that not all hackers are the evil-minded individuals that popular media
portrays them to be.
What is a Hacker?
Knowing that I had the same predisposition that most people have towards hackers I
decided to adopt an unprejudiced frame of mind and conduct a study on a club of hackers’
discourse community. For this study I chose the University of Central Florida’s Collegiate Cyber
Defense Club because after being around for only one semester they had managed to place first
at the regional Southeast Collegiate Cyber Defense Competition. This therefore showed that the
members of this club were at the very least able to adopt James Paul Gee’s idea of “discourse as
Hernandez 2
sort of an identity kit which comes complete with the appropriate costume and instructions on
how to act, talk, and often write, so as to take on a particular role that others will recognize”, in
this case that of a hacker (Gee 481).
Upon arrival at the club’s meeting room for the first time on a Friday afternoon I was
prompted to sign an “Ethics Statement” without which I would have been prohibited to partake
in this and future meetings (Appendix A). This ethics statement simply told me the rules that are
enforced by the club and the university, as well as commons do’s and don’ts. What stroked out to
me the most about this contract was the last paragraph which simply read “I am joining this
organization to enhance my computer security skills and acquire knowledge. I vow to use my
skills and knowledge for non-criminal enterprises in keeping with UCF policy.” At first glance
this could have simply been written off as a precautionary measure on the club’s part, but what it
really shows is that they are aware that the knowledge they’re sharing can be dangerous if used
for the wrong intentions.
At the meetings I sat at the back with a notebook and took notes on what went on. The
meetings always began with the co-captain Jonathan Singer going through the club’s agenda
which included the speakers and the topics they will be covering as well as announcements on
future events. Halfway through my first presentation I realized the need for the “Ethics
Statement”, one of the speakers staged a phone call to another person in the audience, then using
his computer he was able to intercept the phone call, decode it, and play it back to the audience. I
also conducted an interview with Gaelen Adams who founded the club and currently also holds
the position of co-captain (Appendix B). In it, I asked him questions that ranged from the goals
of the club to the skills, or literacies, they need in order to participate in competitions to his
views on cybercrime.
Hernandez 3
On the latter question, Gaelen states that “a hacker is just somebody who knows more
about a system than the person who developed it.” He goes on to saying that “hackers are neither
good nor bad. Once you have acquired some sort of knowledge that you shouldn’t have it is what
you do with it that can make you an asshole.” He also makes the point hacking is not something
that’s new he says “I don’t believe that there is more cybercrime per say I just think that it is
more public now. I view computers like a modern hammer, in the old days they used a hammer
to break locks on doors; computers are the new hammers. This is not a new problem it just has
evolved into something different.”
Once I had conducted this interview and had collected enough data on this club’s meeting
procedures I analyzed this data and applied John Swales’ six characteristic of a discourse
community (Swales 466). I chose to focus specifically on the club’s common goals, genres, and
lexis used by the members, as well as literacies, as define by Tony Mirabelli, they must master
(Mirabelli 538).
Characteristics of a Discourse Community
Goals. During the interview with Gaelen I asked him what the club’s goals were and he
responded by saying “I want to foster a learning environment, where anyone regardless of their
knowledge can come in and participate in our meetings. We want people to see the good side of
cyber security and not what is portrayed on the media.” Here Gaelen talks about how we wants
the club to be seen; at the beginning of one of the meetings he started talking about how they had
made their first public appearance on the second page of the Central Florida Future newspaper
for winning first place at the regional competition (Appendix C). There is also the obvious goal
of winning as many competitions as possible. When I walked into the meeting room for the
Hernandez 4
second time the first thing I noticed was a countdown with large red numbers and a leaderboard
on the side being projected onto the front of the room. After looking around the room I realized
that the members of the UCF CCDC team were gathered in one corner of the room working on
the competition and soon after Jonathan made an announcement that this competition was one of
the ones that was open to the public and that we could all join in compete as a team. However,
one goal that was barely mentioned by the club was the fact that those teams that go on to the
national completion usually get hired by large corporations. This I view as the ultimate goal of
the members of this club because hackers usually work alone and therefore getting a job is
extremely difficult, however when they are allowed to exhibit their skills without causing any
real damage they can be easily recruited into high paying jobs.
Lexis. One of the major characteristics of a discourse community is the lexis they use, or the set
of terms that they have appropriated themselves with in order to convey certain meaning. This
being a discourse community of internet savvy members, plenty of terms can be found to be used
outside of their normal speech context. Most people with some sort of computer fluency will
understand terms like URL, cookies, viruses, and perhaps even certain internet protocols like
HTTP. These terms however are commonly used through the club where it is expected of the
members to know their meaning. Then there are those terms that even people like myself, who
work with computers on a very technical level, have a hard time understanding. Some of these
terms range from sending fake data over the internet with some purpose only know by the person
performing the action like “packet spoofing”, “IP address spoofing”, and “ftp fuzzing” to
checking for vulnerabilities that a computer on the web may have like “port scanning” and
“packet sniffing.” Lexis like these are very important during presentations and competitions
when someone wants to convey an action in as few words as possible such as “Hey use
Hernandez 5
Wireshark instead of Nmap on this network.” The reason why someone would say something
like this is because not only do they want this person to sniff some packets traveling through a
certain network, they also want the person to use Wireshark, the industry standard for such task,
instead of the other tool.
Genres. Whenever language is used to get something done whether spoken or written this can be
considered a genre. In this discourse community the most important genre is the website that is
currently maintain by team members and servers two main purposes (Singer). The first is an
open invitation to any member of the club to hack the website, for educational purposes only of
course, and in turn learn from experience how to defend from such attacks in the future. The
second purpose of the website is to hold news about the club, information about future events, an
archive of presentations from previous meetings, and most importantly a page dedicated to
resources that new comers might find useful such as tutorials and tools to familiarize themselves
with.
Having familiarized ourselves with this club of hackers’ discourse community and understanding
its constituents we can now focus on the literacies that they must gain fluency in if they want to
be successful at what they do.
Multiple Literacies
Tony Mirabelli defines literacy as not only be able to read and write but also to be able to
read people and that being “literate means to have control of a socially accepted association
among ways of using language, of thinking, and of acting that can be used to identify oneself as a
member of a socially meaningful group or social network” (Mirabelli 542). In other words, for
the members of this club to be considered members they must behave in certain ways, or like
Hernandez 6
James Paul Gee says either you are part of the discourse community or you are not, there is no in
between, and the only way to be part of it is to be fluent in it.
One of the most essential literacies that every member of this club or at least those who
participate in competitions must have complete fluency over is “the shell.” The shell is the most
direct way to speak to a computer, before computers gained the ability to display graphical
interfaces the only way to talk to a computer was through shell using text. This text consists of
countless of commands each of which can take numerous operands and in turn result in the
execution of different actions.
Another literacy critical for successful competing is knowing the basic of networking, or
in simple terms knowing how the internet works along with its countless of protocols and how
they interact with each other. Along with this it is essential for participants to understand the
Open System Interconnection (OSI) model works, which is divided into seven layers, each of
which is responsible for passing control, of information travelling from one computer to another,
to the layer above and below it starting from the application layer and working its way down to
the machine level and then back up. If one were to not be fluent in either of these they wouldn’t
be prepare to analyze a system for vulnerabilities.
Lastly and most importantly the contestants need to know how to read people. However,
this is much more difficult when one is simply sitting behind a computer and all the information
they have is how the system works and how a regular user would interact with this system.
Therefore these contestants must develop a skill called social engineering. Let’s say for example,
that one of the contestants wants to analyze a foreign system for vulnerabilities and that this
person knows some of the safety measures that this system has in place. In order to not be
Hernandez 7
detected they could use a program called SNORT which will send an array of fake attacks of
numerous kinds along with the real one in hope that the system not knowing which one is the
real one will be unable to deal with the situation. Another form of social engineering is when a
contestant knows that a user must type some sort of information in simple text and send it to a
server and therefore intersects these packets specifically looking for Hyper Text Transfer
Protocol (HTTP) packets which contain that simple text.
Conclusion
In the end we must come to the realization that not all hackers al evil. What I have shown
here is a club of hackers, not a hackers club. The main distinction between the two is that a
hackers’ club implies that there is only one type of hacker and therefore all of its members fall
under the same generalization whether good or bad. However, a club of hackers is a more
flexible term in that its members can be anyone regardless of expertise with all sorts of different
convictions and ethics. As Gaelen told me “a hacker is simply just somebody who knows more
about a system than the person who developed it.” Therefore if we extend this definition to all
aspects of life, than we can see why he chose to end our interview by simply saying “So yea, if I
am a hacker than everyone is a hacker.” What he is really saying with this is that if you are told
to believe something but instead choose to do something else out of your own convictions than
you have become a hacker. It is where those convictions lie that determines if you are that low
life exploiting the hard work of others. He knows this, now I do too, but so do the governments
around the world, hence why they are trying to recruit as many “patriotic computer geeks” as
possible to defend our country.
Hernandez 8
Works Cited:
Gee, James Paul. “Literacy, Discourse, and Linguistics: Introduction.”
Wardle and Downs 481-95
Swales, John. “The Concept of Discourse Community.”
Wardle and Downs 466-79
Mirabelli, Tony. “Learning to Serve: The Language and Literacy of Food Service Workers.”
Wardle and Downs 538-55
Singer, Jonathan. "UCF Collegiate Cyber Defense Club." UCF Collegiate Cyber Defense Club.
N.p., n.d.
Web. 03 Apr. 2013.
Hernandez 9
Appendix A:
Hernandez 10
Appendix B:
Interview Questions:
1. What is your name?a. Gaelan Adams
2. What is your major?a. IT/ Super Senior
3. How long have you been a member of this club?a. I founded the club.
4. What made you want to join this club and what are you trying to get out of it?a. I am trying to build a community for people to learn about computer security and
inspire good ethics in them. I want them to know right from wrong.5. In your own words, how would you describe the goals of this club?
a. To foster a learning environment, where anyone regardless of their knowledge can come in and participate in our meetings. We want people to see the good side of cyber security not what is portrayed on the media.
6. How hard do you believe it is to join this club? Are there any prerequisites?a. Everyone is welcome to come to our meetings; anyone can come in and hopefully learn
something new. Even if they walk in knowing nothing about computers but walk out of here knowing something new then we have done our job.
7. What methods of communication does this club use?a. IRC, Facebook posts, and email.
8. What methods of feedback does the club use?a. Verbal communication, anonymous emails, we take suggestions from the members:
they wanted to learn about Metasploit so we had someone make a presentation on it.9. Who do you believe has power in this club? How does one gain power in the club?
a. We like to keep it flat, “board members” have certain privileges like the right to reserve rooms for meeting and events but for the most part we like everyone to have an equal voice.
10. Did you try to join the competing team KnightSec? Did you get in?a. The team is actually called: CCDC Team, I am part of it as co-captain with Jonathan
Singer.11. What is the selection process for members of this team?
a. This is our first year so we mostly looked for people with previous experience and who had shown participation within the club. This will probably change in the future where we will be having tryouts.
12. Are competitions only for the KnightSec team or can anyone participate in them?a. There are two types of competitions. There is the Cyber Collegiate Defense
Competitions which are sponsored by the NSA and it is only for the members of the competing club. These competitions are very rigorous because our team is given a
Hernandez 11
machine and we must defend them from a red team hired to break everything and stomp on us. The other competitions are called Capture the Flag, these competitions are similar to Jeopardy games where there are categories of questions which range from reverse engineering to looking up someone on Google, and they are open to anyone.
13. How did you do in these competitions?a. On average we are usually on the top 20% of the leaderboards.
14. What kind of skills do you believe are important to have? As a professional? For competitions?a. Good communication, need to have original thinking, very logical thinking. Technical
skills range from knowing how to program in Python, to being able to use tools like ADA, WireShark, Netcap and Snort.
15. What are your views on cybercrime in the past couple of years? Do you believe anything needs to change?
a. I don’t believe that there is more cybercrime per say I just think that it is more public now. I view computers like a modern hammer, in the old days they used hammer to break locks on doors; computers are the new hammers. This is not a new problem its just has evolved into something different.
16. In your own words, how do you define a hacker? Can hackers be good? Based on your definition of hackers do you consider yourself to be a hacker? If so what kind?
a. A hacker is just somebody who knows more about a system than the person who developed it. Do you believe everything you are told? If you do you are nothing more than someone’s bitch, if you don’t and choose to mess with that than you are a hacker. However, hackers are neither good nor bad. Once you have acquired some sort of knowledge that you shouldn’t have it is what you do with it that can make you an asshole, and that’s what gives hackers the stigma they get from society. We are all hackers, hacking is not something that is just related to computers. There two types of hackers, white hat hackers which are the ones that make the decision to inform companies about vulnerabilities and then there are black hat hackers who decide to make a profit those vulnerably. So yea, if I am a hacker than everyone is a hacker.
Hernandez 12
Appendix C:
Top Related