Hackerspaces, places where hackers like to meet up, have been around since the early nineties. By “hackers” I mean the original sense of the word: “people who use technology in a different way to that for which it was originally designed”. To me, hackerspaces often look like a cross over between a science lab, a crafts studio and a student apartment: organized chaos. Topped with empty bottles of Club Mate: a high caffeine soft drink that allows you to code, hack, build and investigate all night.
During the nineties, Dutch hackerspaces like ascii and puscii were mostly modelled one the original German ones: c-base is still a role model for hackerspaces. HAR2009 inspired more Dutch hackerspaces: Randomdata (Utrecht, founded by my colleague Barry), RevSpace (The Hague) and Hack42 (Arnhem) were just a few names to emerge, followed by a dozen others. Nowadays, there are about 25 active hackerspaces in the Netherlands.
Hackers involved in hackerspaces are creative people: they look at technology in a different way and they do things “because they can”. Hardly any of them start out for malicious reasons and they are a far cry from “the whizz kid in the attic hacking a large organization”. Their aim is to be creatively stimulated: sometimes these thoughts lead to a new mascot for their ‘space’ and sometimes more serious matters are exposed. They tend to operate on the outskirts of society, but usually with an intention of “making a better world”.
So. What good have they done?
Well, for instance, hackerspaces have been responsible for pointing out that certain SSL certificates were not safe and could be compromised; they used SONY playstations to get this job done.
A Dutch initiative called “Waar is mijn data?” (Where is my data?) was the result of a cooperation between NRC Next and Randomdata to pinpoint the locations Dutch companies use for storing their email, thus pointing out which laws are involved.
What do we think of alarm systems? They provide a sense of security, don’t they? They do, but the (wireless) connections used in these systems are hardly encrypted and can be tampered with, as shown by hackerspace Bitlair.
And there are many more examples of hackers pointing out vulnerabilities in various systems.
A perfect example of the hacker mentality is the “LEGO Mindstorms contest” we organized a few years ago during Hack In The Box: we asked contestants (hackerspace teams) to make a vehicle which would react to a four corner light bulb set up: every time one of the lights lit up, the vehicle was supposed to go there and touch that corner. The winner rewrote the entire LEGO Mindstorms code, leaving the standard LEGO code looking childish. Of course, we kept the code.
Community vs. company
Hackers value their freedom and creativity: they don’t like to be meddled with. Companies nowadays face serious security problems requiring a non-traditional and out-of-the-box approach. Hackerspaces are at the center of the community and stumble upon these issues. Companies have security and R&D budgets, but don’t always spend them on the right topics.
So, communities and companies do have something to offer each other if they respect each other’s differences. More and more, companies are sponsoring hackerspaces; asking them to investigate certain issues or just inform them if they encounter security issues.
I like to think this “Companity”, the collaboration between hackerspaces and companies, can offer great advantages to both if they respect each other: companies can benefit from first hand, up-to-date security information while hackerspaces have more possibilities to investigate and create.
Many thanks to my co-writers Bertwin and Sanne for helping out on this blog.