What makes a hacker tick? While other law enforcement professionals theorize about these sneaky techno-pros who can't resist poking around in other people's computers, Kall Loper went to the source - the hackers themselves.

"Up until now there's been a lot of hand-wringing among criminal justice experts about 'how little we know.' And they don't know," says Loper, a California State University, Sacramento criminal justice professor. "Previous research focused on college students, assuming the motivations of students mirrored the motivations of hackers. No one had talked to hackers."
So Loper did just that, hanging out with hackers through e-mail lists and attending hacker gatherings.

Loper's interest in computer crime grew out of a college job as a computer system administrator. "I enjoyed it and thought it was a shame I couldn't do both corrections and technology," he says. Then he hit on the idea to study hacker behavior, which became the basis for his dissertation.

That computer expertise is one reason Loper thinks he's gotten farther into the workings of the hacker mind than his contemporaries. "Having the technical background helps," he says. "There is a technological limit you can get to with hackers. They get a sense of how much a person knows, and once they get a sense that a person is over their head, hackers just stop responding.

"I take a different approach than others in criminal justice. I can 'talk the talk' while still being a social scientist. I actually share their appreciation of hacking and the joy of discovery, too."
Since moving to Sacramento in the fall Loper has met with members of both the law enforcement and hacker communities. "One night I went right from meeting with local high-tech crime specialists to having pizza with hackers," he says.

When he meets with the hackers he makes no secret of what he's up to and even hands out his business card. "I feel privileged to be accepted. I belong in the group," Loper says. "But I'm not shy about telling them who I am and what I do. I give out my business card. I have to - for research ethics."

It's something he learned in a previous job at a correctional facility. "I picked it up in my prison work. When they knew where I stood, they had no problem with me," he says.

And what has Loper discovered? For one thing there isn't a typical hacker. "If you are going to examine hackers you can't expect to identify them by color, age or background," he says. That's why he analyzes them by observing their online interactions.

"Their behavior is very easily predictable," he says. "There are things they talk about over and over. Certain hackers would start fighting among themselves and then cooler heads would prevail."

Loper distinguishes hacking from computer crime with a subset in-between that he calls criminal hacking, which would include network intrusion. "If they fall into the hacker mold, they probably won't cause trouble. If not, they are probably a computer criminal. Hackers typically don't commit crime," he says.

Hackers also have a social network. Computer criminals don't hang out like hackers. And, Loper says, there's more to learn about hackers. The literature is much better on computer criminals, he notes.

Loper's interactions with hackers have been a boon to his research. A hacker even helped him create the program to analyze the data for his dissertation. But it's a two-way street. The first hackers he met wanted information from him. Worried friends of notorious hacker Kevin Mitnick, who was in jail at the time, tapped into Loper's corrections expertise to find out about the prison and what Mitnick might be going through.