I’ve just finished reading an advance copy of Joseph Menn’s new book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World (Amazon Link) and can recommend highly for OODA Loop members.

As the importance of hacker history goes, this was a book that was destined to be written.  I’m just grateful that someone like Joe Menn was the one to take on the challenge given that he’s taken the time to get to know the hacker community over the past decade and has provided consistent and credible reporting on the topic over the years.  It is also not his first foray into the topic of cybersecurity with his book Fatal System Error provided some great investigative reporting back in 2010.

Cult of the Dead Cow tells the story of the early hacker collective known by the same name or as often abbreviated; the cDc.  The cDc was like most hacker groups of that era and provided a foundation of connectivity amongst the members through bulletin board systems (BBS), text-based zines, and in-person meetings in the form of conferences, parties, and other tech-focused get togethers.  The cDC even counted amongst its early members, a current member of Congress and Presidential candidate Beto O’Rourke.  They were perfectly positioned as Generation Hack to be the first adopters of the Internet and early proponents of Internet security and the democratization of technology.  That is where things get interesting as we all know the role that the Internet and cybersecurity would play in subsequent years, but few are familiar with the role that the cDc played in addressing some of these core issues.  They pushed the envelope by releasing code, advocating hactivism, testifying to Congress, and creating commercially viable product and services companies to address current and emerging threats.  You can’t write a history of the past 30 years of the Internet without including the cDc, Dec Con, and a host of others and with this book, we get a detailed look at the history and impact of the Cult of the Dead Cow from an author who respects, and maybe even admires, the important role they played.

Joe was kind enough to answer a few questions about the book for our readers.

Matt Devost: Your book tells a very fascinating story of the cDc and the many ways the group matured over time to make very meaningful contributions to society from both the fringes and by fully going mainstream.  In what areas do you think this generation of hackers will make future contributions to society, security, and the economy?

Joe Menn: One of the things I admire most about cDc is that they did not stop when the issues became much harder. It was incredibly challenging to figure out a way to get the Microsoft of 1998 to take security as seriously as it should have. And so the group went to extraordinary measures, creating a media circus with the over-the-top Def Con release of Back Orifice that demanded attention. When that failed to seal the deal, they came back the following year with Back Orifice 2000.

And then they saw the problems were worse. It was the whole rotten ecosystem: software monopolies and oligopolies, lack of legal liability for faulty goods, and no leverage on the part of the buyers. Most rational players with other means to earn a living would have given up. Instead, the cDc came up with not one but three ways of attacking the broad lack of security. Within the private sector, its members founded @stake, sending brilliant hackers inside the big vendors and their customers to teach them what to do better, and started Veracode, allowing big buyers to judge from binaries what was happening and what was unsafe. Inside the No. 1 buyer, the federal government, Mudge worked to educate officials on what was feasible and what was not. And in the nonprofit and activist realm, Oxblood Ruffin and his followers drove development of open-source tools that spurred dramatic advancements in Tor and also the creation of the Citizen Lab, the University of Toronto outfit that has exposed government use of technology to spy on activists, journalist and minority politicians.

The cDc paved the way for major work for good in all three areas, which continue to play out, and they have instructed new generations since, who have absorbed the lessons and worked within all three, including Alex Stamos, Katie Moussouris and others. It is impossible to say what the cDc and its followers will do next in terms of importance. But it is hard to see anything major that is happening now and not trace it back to the group. Whatever happens next, it will likely have some cDc heritage.

Matt Devost: You are a regular at the Def Con hacker conference.  What year did you first attend and what compelled you to attend the first time?

Joe Menn:  I can’t remember what year I first came. It was sometime around the middle of the decade after 2000. I know I spoke there in 2010, the year that my book Fatal System Error came out. I hate Las Vegas, and I nearly died after getting pneumonia there one Def Con, but it is where the people I am most interested in go every year.

Matt Devost: It can be hard to establish trust and credibility as a journalist with folks in the hacker community.  To what do you attribute your ability to make meaningful connections that allow for you to develop stories like the ones the book is based upon?

Joe Menn:  At this point, mere two-decade longevity without having royally screwed up is in my favor. But to get here, I think the main thing is that I have not tried to hustle anyone. I am not a wham-bam-thank-you-ma’am reporter. I really care about this stuff. I think it is hugely important and little understood, even now. And I am willing to put in the work to get it right without burning the people who help me.

Matt Devost:  What is the one thing you hope readers will learn in reading the book?  It is a fun and compelling history, but you seem to want to convey a deeper message.

Joe Menn:  I really do. Fatal System Error was about calling attention, in an entertaining way, to one of the greatest challenges of our time. The big reason I spent so long writing this book was that I want young hackers, while again being entertained, to think about what work they are comfortable doing. I feel like the lack of real discussion about these issues has meant that today’s talented 15-year-old probably thinks his or her main career options are working for the NSA, stealing Bitcoin, or trying to make it big with a Silicon Valley startup. I am not saying any of those things is a bad idea. But I want them to consider other things they can do that might have an enormous impact on real people around the world.

---

To purchase a copy of Joe’s book, please click below and be sure to let us know what you think.