Tapping Into the Underground

Many complicated, proprietary systems attract a dynamic community of underground innovators who explore and alter them — and not always in ways that manufacturers appreciate. These individuals have little regard for the business models that companies have carefully devised to profit from those systems. Instead, they are driven by utility, curiosity and occasionally even anger, bypassing technical and legal safeguards in their drive to explore. Called by different names — hackers, phreakers, crackers and modders, among them — these underground innovators have complex and often antagonistic relationships with the companies whose products they modify. For instance, after an avid customer developed free software for Aibo to make the mechanical dog dance, manufacturer Sony Corp. responded with a threat of legal action. Did Sony miss a golden opportunity, or are the potential benefits of tapping into such unauthorized activities not worth the possible risks?

To answer that, I have studied underground innovations in various industries, including software, telecom, video games and DVDs. For this research, I monitored message boards, studied primary digital document repositories and interviewed a number of underground innovators, outside analysts and company employees. In many cases, underground innovation triggers a war between the community and the company. But if handled properly, it can also lead to cooperation between the two parties, potentially resulting in new business models and novel products.

Few companies actually plan for — let alone desire — the emergence of an underground community. Instead, they go to great lengths to secure their proprietary systems to discourage such activities. But those efforts are often futile. If an underground community finds a proprietary system worth exploring, the company can do little to prevent that activity, and the opportunities for such innovation have only increased as products have become more electronically sophisticated. Consider, for example, how microchips now control not only robotic dogs but everything from microwave ovens to automobiles. Thus, instead of expending tremendous resources in an attempt to build impenetrable products, companies should expect and plan for their systems to be breached. The goal then becomes one of peaceful — if not mutually beneficial — coexistence. To achieve this, however, companies first need to understand how underground communities operate.

Elites and Kiddies

Underground groups typically contain two distinct classes: elites and kiddies. “Elite” is a term reserved for those who truly innovate — the wizards who understand the inner workings of a proprietary system and are able to make it do things never intended by its developers. “Kiddie” is short for “script kiddie,” signifying someone who does not truly understand a system but merely uses tools created by the elites to exploit the system in some way. At first this might seem like the natural divide between experts who understand products and others who just use them — the difference between auto mechanics and the average consumer who drives but has little working knowledge of cars. The distinction, however, is far more complex.

In an underground community, elite status comes from achievement, usually from original work with some scientific or engineering significance and not from pranks or thefts. Generally speaking, elites are not interested in innovating for the sake of theft. To them, underground innovation, no matter how seriously it is taken, is primarily a hobby motivated by intellectual curiosity. Many elites have normal day jobs or they attend school, playing the role of hacker only during their free time. To that end, though, they will devote countless hours attempting to perform some complex task, like writing software code that enhances the functionality of an existing program, for which remuneration is unlikely. Elites are the heroes of the underground; some are even worshipped like rock stars. For elites, credit and reputation matter tremendously, serving as both a reward for their work and as a way to distinguish themselves from the vast majority of the underground community — the kiddies.

Not only do kiddies represent a considerably larger group, they also have a much wider range of motivations. Many are aspiring elites, but some are pure vandals who are responsible for the vast majority of hacking damage. Kiddies are also more likely to be caught, and their ploys often receive extensive media coverage, tainting people’s perceptions of the entire underground community.

The Underground Cycle

Elites and kiddies play very different roles in the life cycle of an underground innovation. That cycle typically includes the following six stages: (1) discovery, (2) exploitation, (3) reaction, (4) war, (5) incorporation and (6) boredom.

1. Discovery

Elites are the first to uncover the inner workings of a proprietary system. Their exploration tends to be small-scale, with only handfuls of users innovating, often by working directly with one another. With “phreaking,” or the hacking of the phone system, discovery commenced in the late 1960s, when the original MIT Tech Model Railroad Club, among other aspiring engineers around the country, investigated how the phone network responded to the playing of various audio tones into a receiver. An important early invention of these groups was the “blue box,” which mimicked the tone used by pay phones to indicate that a coin had been inserted. This was seen as a natural extension of the work the club was doing with early computers, rather than as an activity that was potentially illegal. This view is typical: During the discovery period the underground innovators perceive their work as harmless or even as possibly helpful.

2. Exploitation

When news of the discovery spreads, reaching other potential elites and the first kiddies, the stage is set for exploitation. During this phase, the number of people with access to the underground information can increase dramatically, as whenEsquire magazine published an article in 1971 that introduced the blue box to hundreds of thousands of readers. Exploitation is often a time of great innovation — underground activity has yet to be specifically outlawed, and many people are interested in becoming a part of the community, discovering and sharing new ideas. But it is exactly this burst of activity that leads to abuse. Kiddies eager to be recognized as elites might publish simple guides for resolving technical problems or create software packages that automate certain underground processes. Also, the social controls that kept information in the hands of elites begin to break down, as knowledge is disseminated freely via Web sites and other means. At this point, some of the early elites might divorce themselves from the community, refusing to take responsibility for the process they started.

3. Reaction

The company becomes aware of the underground activities, sometimes because of economic damage caused but more frequently as a result of media coverage or an announcement by the innovators themselves, who might be eager to share their discoveries with the world. If the underground innovations threaten the company’s business model, the organization can go quickly from defense to offense, starting with threats of legal action and criminal prosecution. In effect, the company turns the underground community into criminals, making what might have been innocent innovations into illicit activities. Of course, by this time the genie is already out of the bottle, but many companies still go into attack mode, hoping to at least suppress the further spread of information if not wipe out the community entirely.

4. War

In the war stage, the innovators who weren’t scared off by any strong-arm tactics (or who might have even been attracted to the danger) wage an all-out battle, increasingly harassing the company. The fight transforms the underground community, altering its basic motivations. Early on, elites might have viewed themselves in fairly benign terms, perhaps as outside experts or explorers. Even after kiddies begin to wreak havoc, elites often do not see their role in the damage (or they are able to rationalize to themselves that they bear little responsibility). But the war stage changes all that. Many underground innovators are certainly scared off, but those who remain begin to adopt an “us versus them” mentality. Often they will focus their efforts on the most secure (and typically the most valuable) systems, inflicting substantial damage to the company.

To exacerbate matters, the underground community often begins to justify its actions by appealing to higher principles. In the 1970s, for example, phreakers came to see themselves as underdogs fighting against the government and big business to keep information — and technology — in the hands of the public. More recently, a similar call to arms has been heard in response to court decisions regarding DVD encryption and the file sharing of music. Companies, for their part, increase their arsenal of technological, legal and public relations maneuvers to thwart the underground. The result: an escalating arms race between the two parties.

5. Incorporation

Ultimately, though, the struggle becomes a battle of attrition. From the company’s perspective, crackdowns are only partially effective, as new underground members replace those who have left. And the underground suffers as the fear of getting caught and the maturing of the community results in the departure of valuable elites seeking more legitimate uses of their talents. Thus incorporation occurs, in which the two parties reach an uneasy accommodation, with some elites going to work for the companies while others continue to battle against those same organizations. Elites therefore fight against elites, solving problems that their former colleagues have created. At best, this phase evolves into “productive antagonism,” in which underground innovations make their way into the corporate world even as the people doing that work continue to flout the technological and legal boundaries.

Incorporation can follow even the nastiest of wars. Consider Microsoft Corp.’s acrimonious battle with L0pht Heavy Industries, the Boston hacker group. In 1997, L0pht uncovered a serious security flaw in Windows NT, Microsoft’s operating system. But Microsoft essentially dismissed L0pht’s work by not acknowledging the severity of the problem and by performing just minor fixes to address it. That reaction infuriated L0pht, which then responded by releasing L0phtcrack, an easy-to-use program for exploiting the NT flaw. Microsoft’s flagship product thus became vulnerable to hordes of kiddies. Throughout the ensuing battle, Microsoft kept denying that L0phtcrack exposed any real security issues, and L0pht continued to issue new versions of the hacker program.

But incorporation eventually took place. In 2000, L0pht joined up with @stake Inc., an Internet security firm that is now part of Symantec Corp., to become a legitimate business. Soon after, Microsoft and other industry leaders, including @stake, unveiled a new policy for the responsible disclosure of software bugs. The initiative set forth a method for hackers to report security flaws — and to get credit for doing so. In return, the hackers would withhold any public release of information about the flaw until 30 days had elapsed. Both parties had thus come to an accommodation of sorts.

6. Boredom

Underground innovators are driven by two desires — to discover things and to be recognized for those achievements. As soon as the opportunities for either fade, the community begins to enter the final stage: boredom. During this period, the underground doesn’t usually disband; it simply moves on to a more interesting area, starting the innovation cycle over again with a new technology to explore. The hacker community, for example, has persisted over years, but its areas of interest have changed, shifting from accessing forbidden databases to discovering weaknesses of wireless Internet hotspots. Given technology’s rapid life cycle, new products quickly become of interest while past ones become “uncool” and obsolete.

A Different Strategy

For many products, the emergence of underground innovators is inevitable, yet the relationship between a company and a community’s elites does not necessarily have to lead to war and incorporation. With careful management, it can instead result in an alternative stage — symbiosis — as long as the needs of the two parties aren’t entirely at cross-purposes. In the best of cases, any damage from destructive innovations that might occur is outweighed by the benefits of other constructive underground work.

In symbiosis, companies deploy different tactics for elites and kiddies, in contrast to the traditional practice of treating the two groups the same. Specifically, businesses try to establish a dialogue with those elites who might make positive contributions. Identifying at least a few such individuals is not difficult. They are the ones who act as moderators on popular online discussion boards or who write the software that everyone else in the community uses. Because elites often want recognition for their work, they will usually be responsive to unofficial contacts from companies and also can often be helpful in identifying other elites. But companies should be careful to keep the initial contact light and unofficial until more is known about the community. Obviously, giving the wrong individuals an official stamp of approval could have disastrous consequences.

Cultivating elites might require a completely new mind-set. For example, when hackers find a security hole in a product and publish that information, the company’s typical reaction is outrage. Instead, the organization might consider making an overture to the hackers, thanking them for uncovering the hole and perhaps asking if they’ve found other problems. Remember that elites want recognition for their achievements, mainly as a sign of respect. But this does not mean that companies need to pander to them. Nor should they perform the equivalent of paying protection money to an elite mob. Instead, they need to nurture constructive elites, even as they deploy more aggressive means to thwart the destructive kiddies.

A good model of this can be found in the video game industry. Manufacturers of computer games have no tolerance for those who copy their products illegally, but at the same time they have actively pursued relationships with elites. To facilitate this, the industry opened up its games to user modifications, and it implemented a system of rewards that encourages positive innovations. Elites — called “modders” because they modify existing games — are routinely recognized for their accomplishments. For example, they are given important responsibilities, such as moderating an official board or testing new software. One company — Epic Games Inc. — even sponsored a $1 million contest for the best modifications of its products. And companies also have been known to hire some of the best modders. The bottom line? By the early 1990s, the same community that developed methods of illegally copying computer games also was responsible for groundbreaking modifications that added exciting new content and functionality to existing games.

An ancillary benefit of working with elites is that it can help limit the material produced and available to destructive kiddies. Consider the underground community that has sprouted around TiVo Inc., the digital videorecorder service. Thanks to TiVo’s amicable relationship with elites, many unofficial discussion boards on the Internet have voluntarily implemented self-policing mechanisms to discourage innovations that might harm the company. For instance, the largest TiVo hacking site has banned the topic of “video extraction” (the copying of saved programs) as well as any talk about ways to get around paying for the subscription service.

Even when an underground community appears hellbent on destructive activities, companies should still consider alternatives to all-out war. Although AT&T Corp. was certainly justified for aggressively pursuing fraud cases against blue-box users, the company may have missed an opportunity to tap into technology from the phreaker movement. Instead of waging a battle against the entire underground community, what if AT&T had approached a number of the elites as innovative hobbyists rather than as criminals, perhaps even providing those individuals with tools to focus their efforts toward constructive innovations? What benefits could AT&T have reaped? Unfortunately, the company will never know.