Society for this Blue Ball in a Big Black Void

There won’t be dates in this weblog, for reasons of security and caution. Entries will appear no more than one a day, but not necessarily when I’ve submitted them. As we progress you’ll get a sense for why I am so obsessed. Perhaps it will suffice for now to point briefly to the genesis. I am dedicating this little website to the memory of a good friend, whom I never met, a self- designated hacker by the nom de raconteur of Craig Phissure.

A small number of years ago, hacker Phissure came across what he thought was undeniable evidence of the existence of aliens — extraterrestrial intelligence. In an effort to publicize this discovery, Phissure established a website and founded a society with some dozen of his closest associates, a group which he officially dubbed the Society for this Blue Ball in a Big Black Void. I don’t think the other members thought much of this name, inasmuch as its acronym did not play on a sexual or scatological function, but they recognized and respected Phissure’s role as leader and dominant voice. The “Frequently Asked Questions” portion of the site was a monument to Phissure’s style and influence, and we’ll have occasion to return to it by-and-by.

What the FAQ won’t show is that within six months of its publication, a series of mind-boggling coincidences removed every society member from the surface of this blue ball. Each death in turn was deemed an accident, except one case involving a gunshot to the head in a dead-end room in a seedy hotel. They all had a certain plausibility — a single-car accident here, a heart attack there, a hit- and-run over there — if you did not tally them out and timeline them. Since these were for the most part virtual associates, spread across the continent, there was no one person left to do that work.

The website disappeared shortly after the untimely death of Craig Phissure, may he rest in peace. Not only did it disappear, but the fact of its existence became impossible to prove if one did not have the site mirrored locally, on one’s own drive. All the major search engines displayed no knowledge of the site. Whois and other registration sites denied any once or present ownership of thisblueball.org. Attempts to repost any amount of the original texts led to servers crashing, files disappearing and various forms of intimidation: identity theft, surveillance by investigators for who knows what imputed crime, and plain old threatening phone calls. This strategy, heavy-handed as it was, succeeded in isolating the Blue Ball doctrine, quarantined in the coffins of society members and in archived disks of a frightened few. And this effort would probably have succeeded without the dogged pursuit of one last blueballer. This gentleman was not a live friend of Mr. Phissure, but he, too, found his way to Phissure’s material and Phissure’s point of view, and one might say that he became a friend of Phissure, despite the fact that his friend was ash in a vase, languishing on a shelf until the day that sub-orbital spreading of ashes across the atmosphere becomes affordable for a mere mortal.

Our neo-blueballer, a not-so-gentle soul by the name of Gary Corinth, became a believer not through his own gumption as much as through someone else’s plight. I will be telling their tale in due time. For now, let me clarify a few things for those joining my audience: your usual tricks won’t work. You won’t be able to hack in and find out who I am, and denounce me with your accustomed puerile bravado in your favorite Yahoo or Netnews group. For those of you who don’t know what I’m referring to, let me explain. Since my postings are anonymous, some netizens will Pavlov-style decide that my anonymity must be torn asunder, ripped from me like the delusions of a Nero fiddling among his own smoldering ruins. They will apply the usual bag of tricks to try to uncover my identity, most of which involve a standard set of network searching tools — quite useless in this case. For the more incorrigible, the bag of tricks will include efforts to hack into the server that should hold my identity.

Hacking is a much oversold activity. In its simplest form, it’s usually nothing more than the rote application of a small set of principles, a cookbook of possibilities. The whole field of hacking was created by a tempting loophole in John von Neumann’s insight into computer design: that computer memory need not be divided between operation and data, between program and information. This created the universal computer — the device able to adapt to any computational task — but it also created a perfectly agnostic tool, as susceptible to the service of perversion as to that of good. I rely upon the rings of security built into the weblog server to protect elements of my identity. But these rings are an illusion built upon illusions. Just as the principles of computational order coexist with the chaos of information, security exists in a musical round with collapse.

We attempt to build principles of security that will control access to the other algorithmic building blocks within the computer, but this intervention is a block of code like any other block of code. If you, the would-be hacker, can derail the transition into the security code, you can disable any security safely, confidently, without the slightest alarm going off. If you require an example: a highly successful approach in the case of Web servers has been, for years actually, to send a URL that causes a block of code with security principles to fail utterly, perhaps by sending an extra long URL, and then appending a command that the fail-over code executes. That execution, in turn, gives the hacker an opportunity to assume control of the execution queue in the CPU, and he’s on his way. There’s no inherent reason why this approach should work, but equally no inherent reason why security should work. It’s all just code, amoral algorithms, manipulable instructions piled one upon the other in memory or on a disc.

Script kiddies use the cookbook put together by more studied hackers to break into someone’s computer, and suddenly they’re masters of cyberspace. Some of these juveniles are no doubt already busy trying to break into the server that this weblog runs on. Sorry, boys, the sys admins have been thoroughly warned, every possible entr?has been carefully closed and sealed. Even the easiest way to overcome security — the frail human interface to the code — has been carefully pruned and cleaned up; almost nothing else runs on the box. The box itself runs in a foreign land that is decidedly uninterested in governmental intervention from the West.

Most importantly for our zealots, the staff of the hosting service doesn’t know who I am. They have agreed to some compromises in their usual demands for accountability, this time in exchange for heftier billings. All transactions have been small and untraceable international transfers. Even the best source of contact — my logins to the machine — is carefully cloaked through an ever- changing series of zombie computers and anonymizers.

But please do continue your fruitless efforts. There is no such thing as perfect security, or true predictability in complexity, and some one of you may find a way in, may find some distant trace of my identity and chart your way back to me. Nothing is impossible, and if I were a betting man, I would have to go with the Vegas odds of my meeting a fate similar to Craig Phissure’s. But as long as it can, the show will go on.