British hackers: Spotty teenagers they ain't

NEWS One Brit hacker -- turned computer security consultant -- believes the stereotypical hack profile is way off. "The image of the malicious teenager is really misleading. Most UK hackers are well educated and have jobs. Hacking here is more restrained because there is more of a moral or ethical climate. The US tends to be quite anarchic but here there is more respect for people's property. Hackers in this country also tend to target ISPs and bandwidth providers rather than the government because of a natural British respect for authority. I guess people are also a bit less flashy as well. Your mates are more likely to have a go at you if you do something just for notoriety." Another hacker -- Harlequin -- agrees, saying the UK scene is more congenial than elsewhere, perhaps because British hackers are more likely to know one another. "The Hacking ethic is more adhered to here. There is also less petty squabbling here than in the US between different groups because you know pretty much everyone face to face." Contrary to what you will hear from the Police, Harlequin denies British hackers are kept under control by the authorities' efforts. "Policing is low-key. The police here are not technically brilliant, but they do have a good idea of what it is important." Ask a police man though, and it is the law and not some mysterious British hacking ethic that stops the illegal activity making national headlines. DC Paul Cox, of the Metropolitan Police Computer Crime Unit, says: "The law is pretty effective and I think it is very effective at keeping (hacking) crime down in the UK." But while the pair argue over details there is no doubt that British hackers have a harder time gaining the notoriety their American kin enjoy. Medieval laws are a significant barrier. "The 1987 computer misuse act is very arcane" says Harlequin. "That makes it very easy for people to be arrested. The Police Computer Crime Unit is drastically under-funded and it is much better for companies to have independent security firms working on their behalf." But while UK hackers are keeping a low profile for myriad reasons, they are naturally keen to defend their international reputation. Another hacker-turned-security expert, Matthew Bevan was prosecuted for breaking into the Pentagon's computers in 1990. He believes British hackers can keep their heads high: "Hackers are not better in the US or Russia or anywhere. The people here a technically very competent. Definitely as good as anywhere," he says. Harlequin agrees and points to the slower rate of technology development in the UK, cheap Net access, greater bandwidth and a willing media are all factors that promote the American hacker. "That and the fact that there are just more people over there. Space Rogue, of US based security firm L0pht, believes there are some important technical distinctions between hacking practices in the states and the UK. "UK folks seem real interested in Smart Cards, Radio, and GSM stuff. There is interest in those things here but not as much. We really don't have GSM working yet, and Smart Cards are few and far between." Another difference lies in the actual underground scene. While the Americans promote major hacking conferences such as Def Con, the UK scene remains underdeveloped in terms of events and meetings "We don't have anything like Def Con here yet." Says Harlequin. "There are a few events, but nothing on that scale. They get the money for Def Con by putting on the Back Hat conference a few days beforehand. They get "black hat" hackers speak to "white hat" security guys for loads of money. I suppose that reflects how corporate driven things are in the US." Corporate intervention is not what the Brit hackers want. That would spoil the fun. "Corporates... that's where the fear comes from."