2600: The Hacker Quarterly - Spring 2025

What DOGE and their kind are learning is that you can't hide from the past, especially with an efficient team of web crawlers.

The worst part is, built-in security defaults mean poor architecture decisions still work and are "secure" on the parameter - enough to get a tick from a big pen-testing firm or stop it showing in Shodan. So these people think they've done a good job. Software developers aren't immune either - while code scanners can find secret strings, it doesn't stop code being implemented in a bad way.

You don't need to set the IRQ number on hardware, edit config files to get games running, monitor your swap file, set jumpers on hard drives, or even download drivers anymore. It's all handled for you automatically. There's less opportunity for learning and tinkering, gatekeeping potentially a whole new generation of curious hackers from fundamental skills they need to think for themselves.

Being diagnosed late in life, sadly, is pretty normal. Many don't reach their 30s due to depression and resulting physical ailments and mental disorders acquired from our social environments. Autism presents no danger to anyone. People do

It still irks me, when adults quote a child's "cute question" but don't take it seriously. Categorizing curiosity as growing pains, nothing to worry about. As long as it doesn't get annoying… you know the drill.

My main source of trouble was and is that I can't live with "because that's the way things are," or, to use a quote from around 1930: "This lesson I was taught by others: might makes right," made by Carl Panzram, serial killer, amongst other things. This statement for me is a pointer to when things had already derailed.

X:

They watch what you tweet,
Can ban you or change the rules,
Nothing stays the same.

Amazon:

They track what you buy,
Change prices or stop items,
You're not in control.

Facebook:

Your data is theirs,
They can change or block you fast,
Break the rules, you're out.

Did I need to put a citation in for the LLM and am I a noob and a phony for using it?

I think it's OK to use it for generating a README. But would it be OK for writing this article? I think that answer is hell no. I don't want to read LLM-generated content and I don't think I'm alone. We get a lot of it. I think it lacks authenticity and that's super important for both the writer and the reader. LLM-generated writing sucks.

Genius, it has been said, lies not in simply knowing one subject or art very well, but in the ability to synthesize ideas and concepts.

As hackers, we have to not just strive for the truth, but insist on shining a light into the darkness of lies, deceit, and conspiracy. Where our mission is to push the limits of technology, it is incumbent upon us to raise our voices against the denial of science and "alternative facts." Our community has been fighting the good fight against the narrative of corporate greed and control by our three branches of government. At no time has this been more critical than the dystopian reality we currently find ourselves in.

Don't fool yourself that a system is secure. Especially when the IT team doesn't understand what good looks like.

Security by design is inherently a good thing. However, the tradeoff means people have lost appreciation to understand why and how things work.

Skills are learned through the necessity of application. By simply understanding how protocols work and how systems interact with each other, you have a very good grasp of how to secure your entire stack more than what best practice books or tutorials will show you.

On a Windows 2000 lock screen, selecting "help" and right-clicking on a button gave the choice to print the help dialogue pop-up. After bringing up the print window, pressing "F1" launched the printer's dedicated help application. On this application, by clicking "File > Open" and browsing to "My Computer", it would get you into the logged-in account's desktop, bypassing any authentication.

In post-factual times, where "alternative facts" trump; where "TruthTM" depends on an individual's mood, social status, or gut instincts; where we mess with our heads for LOLs; where "divide and exit" is the go-to strategy, facts became vapid.

The hacker world also experienced attempts to create ethical standards (don't laugh!) of which I too am guilty of having spread. Like: "judge one only by one's actions, not by one's gender, etc." - until I connected "one's freedom-fighter is another one's terrorist" with that idea

2600:

Hackers' sacred guide,
Secrets shared through printed code,
The underground speaks.

Microsoft:

They own your software,
Track what you do on their apps,
Rules can shift at will.

Apple:

They own what you buy,
Control what apps you can use,
Rules can change anytime.

Google:

Google tracks your moves,
Can stop or change things anytime,
Follow the rules, please.

To blindly trust those who were given unfettered access on a whim is about the most foolish thing we can do. In fact, there are even members of DOGE who had a history of such actions, yet were still allowed access. This is an injury that will be afflicting our nation for years, if not decades.

When I first took on this responsibility, I was amazed to find that those public library kiosk PCs had direct SMB access to improperly configured file shares the courtrooms across town had configured to share docket information between attorneys and judges. So much for privacy. (I wish I was making this stuff up.)

What can easily be compared to the past is today's willingness of a part of the populace to go along with whatever they're told, despite obvious evidence to the contrary. "Freedom of speech" is supposedly part of the new way, unless you say something critical or challenging, in which case you're punished. "Cancel culture" is over, unless you disagree with the party line, in which case you are purged.

DOGE quietly and without comment began erasing its many inaccurate claims and figures, ostensibly to make it seem as if they never existed. But again, this doesn't work in the face of freedom-minded and fearless individuals and institutions. archive.org has been performing one of the greatest public services of our age simply by archiving government websites that are being wiped or changed.

So what is the hacker ethic? What does it mean to be a hacker?

At its most basic core, the hacker ethic is about removing the obstacles and artificial limitations that impede the pursuit and practice of advancing our technological and philosophical skill set to remove barriers to entry, and to empower everyone to educate themselves with facts.

We didn't stop to ask the question "how do I become or learn xxx?" They say necessity is the mother of invention, and there is no greater necessity than survival. It never occurred to me to ask "how do I learn xxx?" in the hacker community… that too was a matter of taking risks to ask and learn, but more importantly, to do the work! Without effort, in any pursuit, you won't get far.

most hacking wasn't from geniuses; it was just prodding things outside of expected behavior.

When I was a kid, I used a modded tone dialer, but that didn't make me a hacker. Solving problems with the tools that I had made me a hacker. I think using an LLM to help you code is valid, although possibly script-kiddie territory depending on how you use it. It's a tool like any other. Hacking has always been about using and abusing available tools whether that's a red box or an LLM.

Google search is dead. It was a great tool to find things, but LLMs can retrieve that information so much faster. I never once felt like less than a hacker for using a search engine. What is it that gives me pause when I use an LLM to help me code that doesn't when I use a search engine to find exploits or regex? Is it too easy? When the LLM generates the code, there isn't some poor coder with a two liter of Mountain Dew celebrating the success at 3 am. The sense of accomplishment is not there, but I think the only thing that matters for code is that it works.

For every attempt to secure the network and minimize risk, there was always an equal and greater rebuttal to leave everything alone. Whether it be department heads, city manager, or even city council, I could never enact even the most basic of security best practices without a fight.

We welcome transparency in government organizations whenever possible. People certainly deserve to know the truth behind where their tax dollars are going and what policies are being carried out in their name. Eliminating waste and fraud is a laudable goal when done in a competent, fair, and open manner.

However, none of that appears to be happening here. DOGE has tried to operate in complete secrecy.