COLUMN ONE : Defining the Ethics of Hacking : The computer underground grapples with how far to go in breaking into wildly expanding networks. Users and officials battle over where to draw the line between exploration, exploitation.

Eric Corley, a.k.a. Emmanuel Goldstein--patron saint of computer hackers and phone phreaks--is having a party.

And perhaps it is just in time. 2600, the hacker magazine Corley started when he was 23, is a decade old. It has spawned monthly hacker meetings in dozens of cities. It has been the target of a Secret Service investigation. It has even gone aboveground, with newsstand sales of 20,000 last year.

But the wild expansion of the computer and phone networks that have traditionally been hacker stomping grounds--and an accompanying rise in electronic crime--has made life more complicated for Corley and others in the computer underground who claim to adhere to a higher ethical standard.

And as more corporations rely on electronic communications to conduct daily business, computer security--once the exclusive concern of elite computer technicians and their mischievous adversaries--is now a topic of heated public debate. Many are calling for tighter restrictions on those who roam their digital networks, and tough criminal penalties for unauthorized activities--even those that stop short of information theft or vandalism.

As hundreds of hackers converge in New York City this weekend to celebrate 2600’s anniversary, Corley hopes to grapple with how to uphold the “hacker ethic,” an oxymoron to some, in an era when many of 2600’s devotees just want to know how to make free phone calls.

(Less high-minded activities--like cracking the New York City subway’s new electronic fare card system--are also on the agenda).

For Corley and other purists, the hacker ethic begins with the notion that “all information should be free.” They view themselves as valiant holdouts against complete corporate and government control of ever-more-powerful information technologies. They break into computers, copy software and tease computer system administrators not out of greed or malice, they say, but out of a desire to understand the high-tech infrastructure and to keep the technocrats honest--and they say they take pains to do no harm.

It is an outlook that tends to run contrary to the principles of private property and ownership under capitalism. Businesses whose computers and phone systems are broken into in the interest of exploration and the greater good of society generally do not think much of hacker ethics.

Neither do law enforcement officials. “They say they’re doing it for the intellectual pursuit, and that sounds real nice,” said James Settle, former head of the FBI’s Computer Crime Squad, who was responsible for the indictment of “Phiber Optik,” an outspoken New York hacker who went to jail for computer trespassing this year. “But there are much bigger ramifications.”

Corley’s magazine takes its name from the 2600-hertz tone that used to control AT&T;’s switching system. Mimicking it--a way to gain free access to long-distance lines--was one of the first hacks learned by phone phreaks, those who focus on illicit entry into the public phone network. Legendary phone phreak John Draper, for example, received his alias, “Captain Crunch,” after discovering the whistle in a Cap’n Crunch cereal box emitted a perfect 2600 tone.

Although the phone company has long since abandoned the signal, the fundamental problem of defining a hacker morality remains much the same. “How do we know what constitutes criminal behavior and what does not?” asks Corley in a recent 2600 editorial. “Regrettably, the law no longer seems an accurate definer. With many of us, we just know when something doesn’t feel right. And in such a case, trusting your instincts is always a good idea.”

The 2600 editor in chief, who wears his hair long and sports a tool belt full of electronic gadgets, is quick to condemn the paranoia that he says amounts to a desire to stifle innovation and put the best and brightest explorers of the electronic frontier behind bars.

But Corley also goes as far as wishing that fewer people bought his magazine: “It’s gotten a lot bigger, which can be a bad thing, because a lot of people don’t really understand what hacking is about,” Corley said. “It requires a certain kind of spirit.”

Many law enforcement officials--and engineers charged with maintaining security on corporate and governmental computer systems--say they could do without hacker spirit of any kind. They are genuinely spooked by a huge increase in computer break-ins in recent years, and by the emergence of sophisticated hacking techniques that they do not understand.

In an ongoing attack on the Internet network that has extended into military computers and alarmed system administrators throughout the world, hundreds of thousands of passwords have been stolen by intruders using a program known as a “sniffer,” which records the first 128 keystrokes of every message that passes through a computer.

Security experts have been unable to trace the source of the attacks. But there is no evidence that the passwords have been used to harm or steal anything. “It’s probably too early to tell if it’s just an ‘intellectual enterprise,’ ” said Dain Gary, manager of the Computer Emergency Response Team, a government-funded agency at Carnegie Mellon University that investigates security violations on the Internet. “But the point is the integrity of those systems has been compromised.”

The team received 773 break-in reports in 1992. This year, the agency estimates that it will receive more than 2,300 reports. Many local law enforcement authorities now view computer crime as a major threat, and are training investigators accordingly.

Because no one likes to admit being a victim of break-ins, it is hard to assess the magnitude of computer crime. But security professionals believe that economic espionage via computer networks is on the rise.

And they say that the criminal hacker stunts of earlier years--such as Los Angeles-based Kevin Poulsen manipulating radio call-in contests to win free Porsches--are being replaced by higher-stakes hacking.

“You want me to screw around with your credit report? I can get that done for less than $1,000,” Settle said. “Just to get a report would probably cost me only $400. Why bomb the World Trade Center? Just shut down the power grid. There are hackers claiming from foreign countries that they can shut down the air conditioning in any city in the U.S. It’s all remotely monitored. You get to that computer, you can make the building you’re in right now 105 degrees.”

Gary said one problem is the lack of a value system. “Cyber-ethics are not being taught. Parents don’t know what their kids are doing. The kids themselves think of it as joy riding--but joy riding can be dangerous.”

Hackers counter that in a society increasingly dependent on technology, the very basis for democracy could be threatened by limiting technological exploration. “Hacking teaches people to think critically about technology,” says Rop Gonggrijp, a Dutch hacker who will attend the Hackers on Planet Earth conference this weekend. “The corporations that are building the technology are certainly not going to tell us, because they’re trying to sell it to us. Whole societies are trusting technology blindly--they just believe what the technocrats say.”

Gonggrijp, 26, publishes a magazine much like 2600 called Hack-Tic, which made waves this year with an article showing that while tapping the mobile phones of criminal suspects with radio scanners, Dutch police tapped into thousands of other mobile phones.

“What society needs is people who are independent yet knowledgeable,” Gonggrijp said. “That’s mostly going to be young people, which society is uncomfortable with. But there’s only two groups who know how the phone and computer systems work, and that’s engineers and hackers. And I think that’s a very healthy situation.”

2600 and its supporters have an unlikely ally in AT&T; computer security expert Kevin Hanely, who plans to attend HOPE and says he is looking forward to meeting the infamous “Emmanuel Goldstein.”

“I sometimes wonder how he knows so much,” Hanely admits, noting that 2600 has published articles on several internal AT & T documents over the years. “And I’m concerned when the information he shares gets into the hands of people who use it as a tool to hurt the customers that I try to represent. But we recognize the distinction between the hacker community and a community of criminal abusers.”

AT & T just formed an investigative team to stage electronic stakeouts on systems known to be violated in an effort to “take the bad hackers off the street.” Hanely said: “Hopefully the true hacker, the hacker who believes in the ethic of information and knowledge expansion will laud these efforts, because we’re going to help untarnish their image.”

LA Cellular appears to take a less sanguine view. The company says it hopes to find and prosecute a hacker who broke into a call between John Scott, the firm’s director of engineering, and his wife this month.

“TEK,” as the hacker calls himself--it’s short for “The Electronic Knight”--showed up at last week’s Los Angeles 2600 meeting in Union Station, armed with a notebook computer and cellular phone. The 19-year-old college student has written a computer program that allows him to track cellular calls throughout the region and trace the phone numbers.

TEK and a friend found Scott in the Cerritos Sheraton bar one evening. After disconnecting him from his wife, they listened as he called the office to demand that his engineers track them down. They paged him at the hotel, and left messages on his voice mail. The following week, TEK says, he called Scott back and the engineer told him that he should come work at the company’s fraud unit.

“He offered to buy my equipment, but I said no way. I’m not in it for the money.”

Still, he says he has stayed on the right side of the blurry line that separates hacking from criminal behavior. He has nothing but scorn for the hangers-on at the meeting who want him to help them reprogram their cellular phone so they can make free calls. “That’s kiddie stuff,” he said. “I do this because it’s cool to figure things out, to do stuff no one else has done before.”

Despite the elaborate measures they use on-line to disguise their identities, hackers flock to meetings like HOPE and the monthly 2600 gatherings. Attendance dropped off a bit, however, after a meeting in a Washington shopping mall in 1992 was broken up by mall police who were working with the Secret Service. (The illegal activities discussed in the magazine have long drawn the interest of the Secret Service, which along with the FBI is responsible for investigating federal computer crime).

Still, the desire to share information and meet other people like themselves is strong. The younger ones introduce themselves nervously by their handles. The older ones look out for police. Meetings are always held near banks of pay phones, so other meetings nationwide can be called.

At Union Station, about two dozen men and a few women, most in their teens and early 20s, gather around TEK’s computer, plugged into a handy outlet by the phones, until a guard breaks the meeting up.

Corley said: “One thing we tell people is if you want to know if you’re really a hacker, look and see if people are chasing you around wanting to cash in on your skills. If they are, you’re probably about to cross the line. If people think you’re just wasting your time, they think it’s all nonsense and you’re wasting your whole life, you’re probably a hacker.”

Corley does not hack anymore. He was arrested in 1983 for allegedly hacking into a system that gave him access to the electronic mail of corporations including Raytheon and Coca-Cola. (Charges were later dropped.) “It had a one-letter password--an a ,” he said. The then-23-year-old was told it would not be wise for him to continue with his plans to publish his magazine.

Not big on taking advice from authority figures, he went ahead. But he now treads on the safe side of the tricky hacker dividing line, taking the role of hacker spokesman and sometime-caretaker of his young colleagues.

That has not kept him entirely out of trouble. Numerous phone company attorneys have sent him “cease and desist” letters threatening lawsuits over 2600 articles about their networks, (all of which promptly are printed in the next issue).

Still, Settle, who left the FBI this year, says he repeatedly told his team that Corley was not doing anything wrong. “I have no problems with what Emmanuel does. We’ve been on panels together.”

Sometimes described as the hackers’ Fagin, Corley gave 22-year-old Mark Abene, a.k.a. Phiber Optik, a lift to jail, and responds to hundreds of letters from hackers and wanna-bes asking for information. He even finds himself giving advice sometimes:

“We get letters from people who say: ‘I want to be a hacker, I want to get credit cards. We tell them you’ve obviously watched ‘Geraldo’ too much, this is not hacking. We say, read the magazine.”