Are you familiar with the term hack value?…It’s ‘the notion among hackers that something is worth doing or is interesting. This is something that hackers often feel intuitively about a problem or solution; the feeling approaches the mystical for some.’ It’s not that it’s about the information…it’s always been for me about the process, which is why I can say without exaggeration at all that no system I compromised used a published or unpublished ‘exploit’ in that I wasn’t looking for buffer overflows or flaws in the software. I was just trying to take normal every day information resources and arrange them in improbable ways. I didn’t spend time downloading databases of customer information.
One example is Excite@Home, which of course no longer exists per se. When I compromised them I had full access to the customer data, including credit card data in full text. That was of no interest to me. What I thought was really cool, what had hack value to me was that I could log in to support accounts that they didn’t check anymore and answer help desk requests from users who otherwise would never get an answer. I love the fuck out of the idea of living in a world where something like that can happen; where you can submit a help desk request that a company is going to ignore and along comes a hacker and says ‘no, this is totally what you need to do to fix that.’
