From rei@MIT.EDU Fri Jul 14 14:23:49 1995 From: rei@MIT.EDU Date: Mon, 7 Nov 94 04:43:59 -0500 To: webmaster@MIT.EDU Subject: [andre@ai.mit.edu: Re: [u9219765@sys.uea.ac.uk: comment -- Looking for the Mit guide to lockpicking]] I mentioned the request for the Guide to Andre (because we had flamed about this in the past with some other hacker-types), who wrote: From: andre@ai.mit.edu (Andre' DeHon) Date: Sun, 6 Nov 94 13:38:20 EST To: rei@MIT.EDU In-Reply-To: rei@mit.edu's message of Sun, 6 Nov 1994 02:24:01 +0500, <9411060724.AA01764@bill-the-cat.MIT.EDU> Subject: Re: [u9219765@sys.uea.ac.uk: comment -- Looking for the Mit guide to lockpicking] Usnail: 305 Memorial Dr., Cambridge, MA 02139 Phone: dorm (617) 225-9583 office (617) 253-5868 Organization: MIT AI Lab Ok, the answer I would advocate is as follows (if the mit webmasters maintain a stock answer file...and you feel it appropriate, you might want to drop this in so people will have it in case of future requests). While the document you mention is available on the net, its electronic distribution is neither supported nor condoned by parties at MIT. Following is a statement issued by the MIT Hackers in response to the guides' indiscriminate, electronic distribution: ------------------------------------------------------------------------ Executive Summary: The MIT Hacking community is saddened by the series of recent events which have made the "MIT Guide To Lockpicking" available electronically in a indiscriminate fashion. We would like to state, once again, that we believe such distribution is inappropriate. Since we clearly have no control over the guide's dissemination, we would, at the least, like those distributing the guide to do the following: 1) Add an integral section on [Hacking] Ethics 2) Disassociate the MIT name from the distributed guide ------------------------------------------------------------------------ Rationale: We believe that the guide should be freely available to hackers who have a sense of ethics. Individuals have always been encouraged to only pass the information on to others who will use the information responsibly. Dissemination of the "MIT Guide" to the anonymous usenet and internet masses is irresponsible, at best. While most members of the internet community may use this information in ethical ways, some may not. Even if only a few people (a trivial percentage of the potential electronic readership) use the information in an unethical fashion, the damage can be considerable. Many have, correctly, noted that there is no "magic" information contained in the "MIT Guide". All the basic information is available from other texts. The MIT Guide distills the information relevant to lock picking and presents it clearly and succinctly. Electronic dissemination of this ~40 page text lowers the effort (and hence commitment) an individual must expend to gain a working knowledge of lockpicking. Widespread electronic availability of the document encourages everyone, regardless of their personal mores, to gain the skill. The guide was originally written to pass on non-destructive methods of entry to members of the MIT Hacking community. At MIT "Roof and Tunnel Hacking" is a pastime where students explore the Institute where they live and work. For reasons of safety, liability, and privacy, the MIT administration isolates certain portions of the Institute from general traffic using various methods, including locks. Mastery over locks is, hence, a valuable asset to the dedicated roof and tunnel hacker. Roof and tunnel hacking at MIT is concerned primarily with non-intrusive exploration. The goal is to discover and learn, not to steal, destroy, or invade anyone's privacy. Unfortunately, the skills which one needs in hacking can be perverted to nefarious ends. Established MIT Hackers always make an effort to convey a proper sense of ethics to new hackers and to be discerning about the techniques they teach to new hackers. The "MIT Guide" has always been given to new hackers only after they demonstrated themselves to be responsible. The "MIT Guide" was never intended to be distributed separate from the oral tradition and indoctrination associated with the MIT Hacking community. In hindsight, we can acknowledge, that it was a grievous oversight on the part of the author(s) of the "MIT Guide" that the document was written without attempting to integrate some of the ethics and context of MIT Hacking into the document itself. We agree that no amount of words will convey the same sense of hacking ethics as one acquires being a part of the MIT Hacking community. Nonetheless, we feel the distributed guide, stripped of its context--the MIT Hacking community, is very irresponsible and sadly lacking. We believe the very least that can be done is to attempt to include in this artifact some of the ethics which are part of the oral hacking education at MIT. The MIT Hacking community does not support the guide's distribution in electronic form for the reasons mentioned above. Further, it is quite clear from the actions taken by Ted T. Tool and others that the MIT Hacking community has no control over the guide's dissemination. Consequently, we feel it is inappropriate for the guide to be labelled as an "MIT Guide". At this point, the guide is neither being distributed by MIT nor with the blessing of the MIT Hacking community. We would like to ask Ted T. Tool [who left the MIT Hacking community several years ago] and anyone else distributing copies or derivatives of the original work, to disassociate the guide from MIT if they insist on continuing anonymous distribution. Such actions are counter to MIT Hacking ethics, and the MIT community would prefer not to imply that it condones such actions. Words will not do justice to the MIT Hacking Ethics. Nonetheless, following is a brief list containing a few of the major principles to which the MIT Roof and Tunnel Hacking community adheres during its exploratory expeditions: * Be SUBTLE -- leave no evidence that you were ever there. (This is a general rule which applies to lots of circumstances -- a few are enumerated explicitly in this list, but many principles follow from this simple edict) * Leave things as you found them (or better). * If you find something broken call F-IXIT (a local number for reporting problems with the buildings and grounds -- Hackers often go places the normal institute workers do not frequent regularly and hence may see problems before the workers do). * Leave no damage. * Do not steal anything. * Brute force is the last resort of the incompetent. * Do not hack while under the influence of alcohol/drugs/etc. * Do not drop things (off a building w/out a ground crew). * Do not hack alone (just like swimming). * Exercise COMMON SENSE. (This is another general rule with very wide applicability -- when exploring, you are often in places which were not intended for normal traffic. The people who built the area may not have assumed anyone would be there without special knowledge of the area. Many of the assumptions you are used to making are not valid or applicable while hacking. It is very important that you stay alert and think clearly.) Please, consider your actions carefully. If you feel you must continue to distribute the guide, we strongly advocate the addition of an integral section on ethics. As long as the MIT community has no control over the contents or distribution of the guide, it is inappropriate to call it the MIT guide. Consequently, we ask that the name of the distributed guide be changed. The MIT Hacking Community ------------------------------------------------------------------------