Muddled History of the Digital Underground: Why realhackhistory Exists

The image at the top of this blog is, from what I can find, the first stock image photo of a hacker in a ski mask that ever appeared in print, carrying on a visual association between hackers and bank robbers or safe crackers that has continued since 1969.

How tropes and stereotypes originated and became perpetuated in the media is one of the main focuses of the realhackhistory project.

We can be almost certain of being wrong about the future, if we are wrong about the past.

Gilbert K. Chesterton

Before I try to define what this website and the associated YouTube and Mastodon accounts are all about I want to discuss what they aren’t.

This history research, documentation and analysis project is not about trying to dox hackers from the past, reveal secrets that could get people into legal peril or fuel hacking scene gossip. I’m not interested in when Java was invented or the anniversary of the first web browser being created here either though, we are talking about hackers. The ‘darkside’.

This project is about documenting the history of people like Neal Patrick in the video below, who became the face of hacking in 1983 after being raided by the authorities, along with his hacking group the 414s.

https://www.youtube.com/watch?v=dA3NuQdhu5U

Behind the blogs, the YouTube videos, FOIA documents, clips of funny hacker related TV shows or movies and the memes, realhackhistory is a genuine desire to keep the knowledge and stories of hackers of the past alive and provide some lessons that can still help people interested in hacking today.

I envision realhackhistory as a trail of breadcrumbs to help get you started on your way to understanding the past, and hopefully the present, of hacking better. Think of this as digital archaeology, if it makes it all sound cooler.

Information on the Internet is frequently wrong

If we start with some basic questions such as “what was the first computer virus?” or “when was the first denial of service attack?” and plug them into your search engine of choice you’ll start to notice something.

It isn’t that there are conflicting answers, some of these questions hinge on a subjective understanding of details such as what defines a computer virus, what operating system did it function on, what language was it coded in, etc. No, you start to notice how many answers that are clearly wrong are stated emphatically as fact.

We need an example, right? Let’s analyse this text below, from the online version of Encyclopedia Britannica:

The first documented DoS-style attack occurred during the week of February 7, 2000, when “mafiaboy,” a 15-year-old Canadian hacker, orchestrated a series of DoS attacks against several e-commerce sites, including Amazon and eBay.

Encyclopedia Britannica, “denial of service attack” entry

Let’s unpack this. While it is true that mafiaboy carried out a widely reported on campaign of distributed denial of service (DDoS) attacks against high profile websites in 2000. This was not the first distributed denial of service attack and definitely not the first denial of service attack either.

Distributed denial of service attacks, called “Net Strikes” by participants, were organised by hacktivists in the mid 90’s against French government websites which involved getting people to manually refresh those websites at a set time. There was also a huge DDoS attack against Manhattan based ISP Panix in September of 1996.

The first denial of service attack over a computer network is widely believed to have been in 1974, when someone discovered a way to use a newly introduced feature in TUTOR to lock up other PLATO terminals remotely at CERL, the Computer-based Education Research Laboratory, at the University of Illinois Urbana-Champaign.

It doesn’t necessarily matter that there may have been other denial of service attacks before 1974, what matters I think is that the first denial of service attack was definitely not in 2000 and that this is incorrect information being presented as fact.

How did this clearly wrong history sneak into an encyclopedia? I would suspect the loop of incorrect information that begins to be circulated online and eventually becomes, through copying, regurgitation and repetition, accepted fact. Nobody bothers to go back to original sources, lazy journalism becomes grist for a slew of blogs which eventually becomes part of a reference book and then accepted fact.

Incorporating AI into search engines will only make this problem worse, if the average of all the information about the history of hacking is a bunch of copypasta in infosec marketing or lazy journalism then that is what the AI search function will regurgitate. Garbage in, garbage out.

Tracing attitudes to hackers in pop culture

Hackers were not always demonised, hacking was not always a part of pop culture and the word “hacker” itself was not widely used to describe anything other than a bad golfer until mid 1983. I’ve written a whole blog on the topic.

We can look at how journalists wrote about hacking and hackers in the past and how hackers evolved as character archetypes and hacking became a trope in movies and television.

We can chart the way hackers are viewed, from novelty or curiosity through to menace and then back to heroic anti-heroes before lately becoming a facet of shadowy criminal gangs, as the view of hackers as professionalised “cybercriminals” takes hold in the public imagination.

The 90’s saw an explosion of hacker and hacking related movies as people became unable to ignore the rise of the internet and computers became a part of every day life. I made a YouTube video about one such movie, The Net.

https://www.youtube.com/watch?v=ug3-h7nYV0Q

Hacker related documentaries, news segments and TV specials created by non-hackers provide a fascinating snapshot of the attitudes towards hackers and how hacking touched on current events at the time the documentary was filmed. I’ve put as many as I can find from over the years up on my YouTube channel.

Preserving & promoting hacker culture

While a lot of people have heard of 2600 Magazine, or the phrack e-zine, there is a lot more hacker culture created by hackers themselves out there waiting to be discovered.

Take published books about hacking written by hackers for instance, in the UK there was various editions of Hugo Cornwall’s book “The Hacker’s Handbook”, originally published in 1985. There was also infamous subversive publisher Loompanic’s book “The Computer Underground: Computer Hacking, Crashing, Pirating, and Phreaking” by M. Harry, which was also published in 1985.

Reading these books not only give us a snapshot of the scene at the time through the author’s eyes, but also a chance to read how hackers themselves defined a hacker.

This book uses the word in a more restricted sense: hacking is a recreational and educational sport. It consists of attempting to make unauthorised entry into computers and to explore what is there. The sport’s aims and purposes have been widely misunderstood; most hackers are not interested in perpetrating massive frauds, modifying their personal banking, taxation and employee records, or inducing one world super-power into inadvertently commencing Armageddon in the mistaken belief that another super-power is about to attack it.

Every hacker I have ever come across has been quite clear about where the fun lies: it is in developing an understanding of a system and finally producing the skills and tools to defeat it. In the vast majority of cases, the process of ‘getting in’ is much more satisfying than what is discovered in the protected computer files.

“The Hacker’s Handbook” – Introduction, Hugo Cornwall, 1985

Documentaries about hackers by hackers or people affiliated with the hacking scene are a more vivid look at some of the personalities who shaped scene history, or notable events that took place. Annaliza Savage’s “Unauthorized Access” released in 1994 is required viewing, as is “Hackers 95” by Phon-E and R.F. Burns, released in 1995 (of course), you can see a short clip of below.

https://youtu.be/7abDgYYXhks?si=8upHxOHKs8wB6jX2

Over at textfiles.com you can find an incredible resource in the form of archived hacker scene text files, from the BBS years up to the era of the world wide web. Among the files archived is a great many hacker e-zines, or electronic magazines, text and text ASCII art documents that were published on a regular or semi-regular schedule.

The most famous hacker e-zine is undeniably phrack magazine.

Basically, we are a group of phile writers
who have combined our philes and are distributing them in a group. This newsletter-type project is home-based at Metal Shop… These philes may include articles on telcom (phreaking/hacking), anarchy (guns and death & destruction) or kracking. Other topics will be allowed also to an certain extent.

phrack issue #1, Taran King, November 17th, 1985

Hacker media is also in print though, with magazines like the now defunct Technological American Party Magazine of the 1970s or Blacklisted! 411 back in the nineties or 2600, which is still going strong.

2600 Magazine began in January of 1984 with an article discussing a criminal case that contributors to the magazine had been involved in the year before the first issue came out. It was a series of raids on young hackers across the U.S. that the FBI called “Operation Mainframe”. I created a video on one of the groups caught up in the FBI investigation, the Inner Circle.

https://www.youtube.com/watch?v=ppbx2POxxZU

2600 staff continued to be involved in hacking related incidents in the years after, as we can see from the article from 1985 below that notes that the editor of 2600 had his BBS seized by New Jersey police.

You can find scanned issues of publications like Blacklisted! 411 over at archive.org and you can subscribe to 2600 over at their website.

Freedom of Information Act requests

Locked away in dusty archives is a wealth of information on the history of hacking, specific hackers and hacking groups, held by government bodies and law enforcement agencies.

To paraphrase NatSecGeek, if you are willing to take five minutes to write a FOIA request and then to wait potentially years for that request to be fulfilled you can eventually find yourself with documents that can rewrite our understanding of events in the history of hacking. My inspiration for pursuing FOIA requests as part of realhackhistory has been the aforementioned NatSecGeek as well as hexadecim8 and their Hacking History project.

You can find the documents they have retrieved from various archives here, and you can find my uploads of responsive records over at archive.org.

If requesting FOIA documents can be a bit boring and laborious, receiving them makes me feel like a little kid on Christmas morning.

FOIA archive requests can turn up completely different versions of events that had long been considered to be definitively settled. Records can show us scans or photocopies of newspaper or magazine articles since lost to time, printouts of webpages that are no longer online and the chance to see how government agencies or law enforcement have viewed the computer underground over the years.

In requesting documents I have primarily focused on records relating to hacking incidents between 1980 and 2005, with a particular interest in records from the early to mid 1980’s as records can degrade or get lost over time.

Because of FOIA requests we can see that in 1983 some people were so upset about the FBI raiding high-school age hackers linked to the Inner Circle hacking group that they wrote their Senator in California.

Or we can see the actual photocopies of notes of targeted systems seized by the FBI from those same hackers.

The text files, e-zine and magazine articles written by hackers provide one part of the story, the newspaper articles and TV segments on hacking incidents provide another and FOIA documents are the last piece of the puzzle that we as hacker history enthusiasts can hope to get our hands on in terms of records.

I plan future blog entries on how to file FOIA requests, how to decide what to FOIA and some dead ends I have reached in relation to past hacker events and incidents that someone else might want to pick up the threads from.

In conclusion

So that’s it, an explanation as to why realhackhistory exists, long since overdue and the start of a call to action for others who are interested, to see what they can add to the public knowledge of the roots of the hacking scene.

If I can outline a roadmap for the future of the project, I want to expand my understanding of the history of hacking outside of the English speaking world, start finding countries outside of the U.S, the U.K. and Australia to FOIA and pursue freeing more media from closed archives.

I’d also like to take this time to thank the people who have inspired me along the way, in particular Gabriella Coleman, Emma Best and Emily Crose, for encouragement and guidance on this great journey.

If we don’t preserve our history, nobody else will.

#1 #1980s #BBS #computer #cracker #crackers #cracking #cyberSecurity #cybersecurity #darkSide #darkside #DDoS #encyclopedia #FBI #films #FOIA #hacked #hacker #hackers #hacking #historical #history #InnerCircle #IRC #mafiaboy #media #Movies #newspaper #police #security #technology #television #TV #underground #WarGames

色々と思うところがあった結果喋ることにしてみた。落ちたプロポーザルの話をしてきます。

Web UI 実装勉強会 #1 - connpass

https://ui-devs.connpass.com/event/364448/

参加〜LTではないけどなんらかネタ持ち込んでいこう

Web UI 実装勉強会 #1 - connpass

https://ui-devs.connpass.com/event/364448/

当日に北海道入りしてるんだよなー

Cloudflare Workers Tech Talks in Hokkaido #1 - connpass

https://workers-tech.connpass.com/event/365479/

We're excited to announce that we've implemented RFC 9421 (HTTP Message Signatures) in #Fedify, complete with our double-knocking mechanism to maintain backward compatibility with the draft cavage version.

This implementation includes both signature generation and verification, meaning #RFC9421 is used when both sending and receiving activities. While we haven't merged the RFC 9421 implementation branch yet, we're currently conducting interoperability tests with development versions of Mastodon and other #ActivityPub implementations. Once these tests confirm compatibility, we'll proceed with the merge.

As noted in the attached docs, although RFC 9421 is the final and official standard for HTTP Signatures, the draft cavage version remains widely used across the #fediverse. Our double-knocking mechanism ensures maximum compatibility by trying the RFC 9421 version first, then falling back to draft cavage if needed.

Currently, we support RSA-PKCS#1-v1.5 key pairs for generating HTTP Message Signatures, with plans to expand to other signature types in future releases.

We look forward to contributing to a more standardized and secure fediverse!

#fedidev

We're excited to announce the release of Fedify 1.5.0! This version brings several significant improvements to performance, configurability, and developer experience. Let's dive into what's new:

Two-Stage Fan-out Architecture for Efficient Activity Delivery

#Fedify now implements a smart fan-out mechanism for delivering activities to large audiences. This change is particularly valuable for accounts with many followers. When sending activities to many recipients, Fedify now creates a single consolidated message containing the activity payload and recipient list, which a background worker then processes to re-enqueue individual delivery tasks.

This architectural improvement delivers several benefits: Context.sendActivity() returns almost instantly even with thousands of recipients, memory consumption is dramatically reduced by avoiding payload duplication, UI responsiveness improves since web requests complete quickly, and the system maintains reliability with independent retry logic for each delivery.

For specific requirements, we've added a new fanout option with three settings:

// Configuring fan-out behavior
await ctx.sendActivity(
  { identifier: "alice" },
  recipients,
  activity,
  { fanout: "auto" }  // Default: automatic based on recipient count
  // Other options: "skip" (never use fan-out) or "force" (always use fan-out)
);

Canonical Origin Support for Multi-Domain Setups

You can now explicitly configure a canonical origin for your server, which is especially useful for multi-domain setups. This feature allows you to set different domains for WebFinger handles and #ActivityPub URIs, configured through the new origin option in createFederation(). This enhancement prevents unexpected URL construction when requests bypass proxies and improves security by ensuring consistent domain usage.

const federation = createFederation({
  // Use example.com for handles but ap.example.com for ActivityPub URIs
  origin: {
    handleHost: "example.com",
    webOrigin: "https://ap.example.com",
  },
  // Other options...
});

Optional Followers Collection Synchronization

Followers collection synchronization (FEP-8fcf) is now opt-in rather than automatic. This feature must now be explicitly enabled through the syncCollection option, giving developers more control over when to include followers collection digests. This change improves network efficiency by reducing unnecessary synchronization traffic.

await ctx.sendActivity(
  { identifier: sender },
  "followers",
  activity,
  { 
    preferSharedInbox: true,
    syncCollection: true,  // Explicitly enable collection synchronization
  }
);

Enhanced Key Format Compatibility

Key format support has been expanded for better interoperability. Fedify now accepts PEM-PKCS#1 format in addition to PEM-SPKI for RSA public keys. We've added importPkcs1() and importPem() functions for additional flexibility, which improves compatibility with a wider range of ActivityPub implementations.

Improved Key Selection Logic

The key selection process is now more intelligent. The fetchKey() function can now select the public key of an actor if keyId has no fragment and the actor has only one public key. This enhancement simplifies key handling in common scenarios and provides better compatibility with implementations that don't specify fragment identifiers.

New Authorization Options

Authorization handling has been enhanced with new options for the RequestContext.getSignedKey() and getSignedKeyOwner() methods. This provides more flexible control over authentication and authorization flows. We've deprecated older parameter-based approaches in favor of the more flexible method-based approach.

Efficient Bulk Message Queueing

Message queue performance is improved with bulk operations. We've added an optional enqueueMany() method to the MessageQueue interface, enabling efficient queueing of multiple messages in a single operation. This reduces overhead when processing batches of activities. All our message queue implementations have been updated to support this new operation:

• @fedify/redis 0.4.0
• @fedify/postgres 0.3.0
• @fedify/amqp 0.2.0

If you're using any of these packages, make sure to update them alongside Fedify to take advantage of the more efficient bulk message queueing.

CLI Improvements

The Fedify command-line tools have been enhanced with an improved web interface for the fedify inbox command. We've added the Fedify logo with the cute dinosaur at the top of the page and made it easier to copy the fediverse handle of the ephemeral actor. We've also fixed issues with the web interface when installed via deno install from JSR.

Additional Improvements and Bug Fixes

• Updated dependencies, including @js-temporal/polyfill to 0.5.0 for Node.js and Bun
• Fixed bundler errors with uri-template-router on Rollup
• Improved error handling and logging for document loader when KV store operations fail
• Added more log messages using the LogTape library
• Internalized the multibase package for better maintenance and compatibility

For the complete list of changes, please refer to the changelog.

To update to Fedify 1.5.0, run:

# For Deno
deno add jsr:@fedify/fedify@1.5.0

# For npm
npm  add     @fedify/fedify@1.5.0

# For Bun
bun  add     @fedify/fedify@1.5.0

Thank you to all contributors who helped make this release possible!

#fedidev #fediverse

面白そうクラ

ブラクラクラ(Browser Crash Club) #1 - connpass

https://browsercrashclub.connpass.com/event/350203/

Today's my work on #Fedify: Support PEM-PKCS#1 besides PEM-SPKI for RSA public keys.

Although the vast majority of ActivityPub software encodes RSA public keys in PEM-SPKI format, some software encodes RSA public keys in PEM-PKCS#1 format (see: https://github.com/fedify-dev/hollo/pull/109#issuecomment-2662591619). Fedify currently only accepts PEM-SPKI format, so it needs to accept PEM-PKCS#1 format as well for better interoperability.

https://github.com/fedify-dev/fedify/issues/209