Austin Hackers Group Gets Recognition From Global Body

The room where it hackens


Tod Beardsley, founder of AHA!, which officially joined the Common Vulnerabilities and Exposures (CVE) system last month (photo by Dex Wesley Parra)

On the last Thursday of every month, in the walled-off back room of an unassuming North Austin sports bar right off I-35, a variety pack of 40-some-odd information sector types – computer programmers, web developers, and the like – convene for a couple of evening hours to present the latest coding bugs they've uncovered. They call themselves Austin Hackers Anonymous, abbreviated as AHA! like the Eighties pop act (leave it to hackers to claim the URL takeonme.org). Recording and filming aren't allowed, everyone must contribute, and if someone wants to pitch a product or company, well, they must buy booze, per the bylaws. Needless to say, the crowd is a rowdy bunch of nerds.

"At its heart, it's a hacker meetup for InfoSec professionals," said AHA! founder Tod Beardsley. The collective started up more than a dozen years ago, but in early February, they officially joined the Common Vulnerabilities and Exposures system. Think of CVE as a global dictionary for flaws in computer programs and software. As a CVE Numbering Authority (CNA) vendor, AHA! members can report vulnerabilities for both assets they control (including their website and communication channels) and assets owned or operated by other organizations. So, in their free time, these hackers are inspecting code, finding errors that can lead to serious security risks, and reporting them to an international authority. "A safer and more secure internet is critical for culture and society," Beardsley said.

Cybersecurity companies and researchers comprise the bulk of CNA vendors. After all, many in the field are penetration testers who, in Beardsley's words, "get paid to show up, break into someone's network, and tell them how they got in." He said CVE recognizing AHA! as a numbering authority is "bizarre, because as far as I know, we're the only unorganized hacker collective that is also a CNA." (A scan of the 274 CVE partners confirms this.)

While the CNA designation comes as a surprise, this isn't AHA!'s first time being ahead of the curve. Since their initial gathering over a decade ago, hackers in several cities across the country have emulated AHA!'s meeting format, including Houston Area Hack­ers Anonymous (HAHA), Bay Area Hack­ers Association (BAHA), and the Phoenix Secret Society of Hackers (PSSH). Austin's club has no direct affiliation with the others, though certainly enough influence to call them "our spawn" on their website.

And although a certain journalist couldn't sneak into the hush-hush meeting room, Beardsley filled me in on the general rundown. "We are very elitist and gatekeepy," he admitted, "[but] we're all in the same industry. We're not colluding or anything, just swapping tips and tricks." What happens behind the gated area of Mister Tramps Sports Pub stays there – leaks lead to lifetime bans. He said the privacy policy encourages hackers to share their findings in a safe environment. To avoid getting booted from AHA!, everyone in attendance must present to the assembly a five-minute talk. Lectures lasting much longer will be met with severe heckling. The fine print reads, "If you must exceed 10 minutes, it better be damn worth it."

Many of the vulnerabilities AHA! identifies and reports are exploitable, like tricking less tech-savvy users into clicking on dangerous links in emails, a practice called phishing. When hackers find these bugs, Beardsley said, he urges them to report them to the vendors, which can be a tricky process as many companies are litigious to a fault. The way he sees it, "if you don't fix it, bad things will happen to you because while I may be very, very smart, I'm probably not the last person to see this, and I'm probably only the most recent person to notice this."

Got something to say on the subject? Send a letter to the editor.

A note to readers: Bold and uncensored, The Austin Chronicle has been Austin’s independent news source for over 40 years, expressing the community’s political and environmental concerns and supporting its active cultural scene. Now more than ever, we need your support to continue supplying Austin with independent, free press. If real news is important to you, please consider making a donation of $5, $10 or whatever you can afford, to help keep our journalism on stands.

Support the Chronicle  

READ MORE
More by Dex Wesley Parra
SXSW Film Review: Omni Loop
Review: Omni Loop
Woman stuck in time reckons with life choices

March 14, 2024

SXSW Film Review: I Wish You All the Best
Review: I Wish You All the Best
Nonbinary teen leads coming-of-age family drama

March 13, 2024

KEYWORDS FOR THIS STORY

Austin Hackers Anonymous, AHA!, Tod Beardsley, Common Vulnerabilities and Exposures system

MORE IN THE ARCHIVES
One click gets you all the newsletters listed below

Breaking news, arts coverage, and daily events

Keep up with happenings around town

Kevin Curtin's bimonthly cannabis musings

Austin's queerest news and events

Eric Goodman's Austin FC column, other soccer news

Information is power. Support the free press, so we can support Austin.   Support the Chronicle