Risky Business: How the World Got Owned – Episode 2: The 1990s, Part One
Podcast Date: April 3, 2026
Hosts: Patrick Gray, Amberly Jack
Notable Guests: Jeff Moss, Kevin Mitnick, Chris Wysopal, Aleph1
Overview: The Evolution of Hacking in the 1990s
This episode of Risky Business dives into the explosive decade of the 1990s in the hacking community—a time marked by the rise of iconic hacker gatherings (DEF CON, Black Hat), tighter legal crackdowns, tension around vulnerability disclosure, and stories of early digital pioneers transitioning from playful curiosity to high-stakes crime and eventual reform. Through candid interviews with legendary figures (Jeff Moss, Kevin Mitnick, Aleph1, Chris Wysopal), the podcast explores how a tight-knit, chaotic community laid the foundations for both cybersecurity’s professional culture and “hacker lore,” tracing how the world really did get “owned.”
Key Discussion Points & Insights
1. The 90s: From Innocence to Action
- The 80s saw hacking as curious and exploratory; by the 90s, “everything started popping off”: stricter laws, people on the run, communities forming, and infamous events unfolding.
- The decade saw major milestones, such as the founding of DEF CON and Black Hat.
“All those laws that weren't laws in the 80s, people were now getting pinged for those and responding by going on the run from the Fed.”
—Amberly Jack (02:29)
2. “The Golden Age” of Hacking
- Jeff Moss (founder of DEF CON and Black Hat) describes the 90s as a time when a few skilled individuals could control or understand much of the Internet.
- The hacking community felt small, approachable, and united by a sense of “secret knowledge.”
“Anything was possible. Individuals could make huge contributions... Those people had the skills to just basically be the lords of the Internet.”
—Jeff Moss (04:06)
3. Community, Ego, and Camaraderie
- Early hacker culture in the Bay Area, especially on BBSes, was equal parts collaborative and competitive, with one-upmanship often masking real camaraderie.
- Egocentric clashes were common, but so was the free sharing of manuals, exploits, and ideas.
“There's a lot of egos... people raising each other to do something first or to claim credit... but within that there's also a lot of deep friendship and camaraderie and sharing.”
—Aleph1 (07:02)
4. Media, Myth, and Mainstream Anxiety
- Mainstream media and Hollywood seized on hacking in the 90s, often fueling public hysteria and misinformation.
- Notable moment: the first ever website defacement targeted the Hackers movie site (1995) with hackers mocking the film’s accuracy.
“There was a whole lot of misinformation, almost like hysteria around some of this stuff... hackers will blow up your television set or can blow up your computer.”
—Jeff Moss (08:12)
- Sharing manuals and dumpster diving for information were the real reality—far from Hollywood’s imagined criminal underworld.
“We would go dumpster diving like a couple times a month and different people would just bring their haul back and we would sift through it and we would keep the good stuff.”
—Chris Wysopal (10:23)
5. IRL Cons: Finding Your Tribe
- Physical gatherings (HOHO Con, SummerCon, and eventually DEF CON) became essential touchstones for hackers, offering acceptance for outsiders and forging deep connections in a text-based world.
“A lot of people from disadvantaged communities, a lot of people from the LGBTQ community. You know, it was a pretty accepting community for all kinds.”
—Chris Wysopal (11:47)
- The scene wasn’t utopian—bullying, slurs, and exclusion happened, especially given the lack of real-world context in early online interactions.
“I don't want to make it sound like it was all like Kumbaya...there was still fights and...people that acted poorly towards each other...”
—Chris Wysopal (12:29) “There was no video, no audio...you didn't know their gender, you didn't know a thing about them.”
—Jeff Moss (13:08)
6. The Birth and Bloat of DEF CON
- DEF CON’s origin story was serendipitous: started as a farewell party for a Canadian bulletin board operator, it became a legendary, inclusive event—entry was a $20 bill in an envelope.
“I’d love to take credit for this genius insight to open up the community, but it was me being lazy and kind of pissed off that I was not included.”
—Jeff Moss (16:08)
- Early DEF CONs leaned into “Fed paranoia” by inviting authorities and even incorporating “Spot the Fed” as a game.
“The first year or two, everybody got caught because they wore penny loafer shoes. No hacker wears penny loafer shoes or khakis.”
—Jeff Moss (19:51)
- The event grew rapidly, eventually outgrowing any one person’s ability to keep tabs on it—ushering the era of hacker “rockstars” and elaborate antics.
“I just count myself being really lucky to have been in the right place at the right time, taking the right risks, meeting the right people that didn’t treat me wrong...”
—Jeff Moss (22:00)
7. Crackdowns: Operation Sun Devil and the Rise of the EFF
- Operation Sun Devil (1990): coordinated secret service raids on BBSes, marked both real and overhyped law enforcement intervention.
- The fallout led directly to the founding of the Electronic Frontier Foundation (EFF), which championed digital rights and provided legal support for those caught up in the raids.
“The raids and the huge publicity...also led to the formation of the Electronic Frontier Foundation, which was founded by Grateful Dead lyricist John Perry Barlow.”
—Amberly Jack (18:56)
8. Crossing the Line: Money, Crime, and Consequence
- The decade saw a shift from curiosity and mischief to hacking as a profitable (and prosecutable) endeavor.
- Kevin Paulson’s story exemplifies the era’s complexity: becoming a “hacker for hire” while on the run, rigging radio phone-in contests to win prizes for survival.
“So we got some really cheap office space. We put in a bank of phones...We would let 50, 60 calls go through...they get to the 100th caller and we're on the phone and acting excited. This was my primary source of income...”
—Kevin Mitnick (35:31)
9. Life on the Run and Its Costs
- Mitnick spoke of the dual thrill and isolation of living under an alias, the psychological toll, and eventual capture.
“I couldn't see a future for myself, right, because I was hiding out from the feds...I couldn't visualize a future for myself. And that wears on you and it becomes depressing.”
—Kevin Mitnick (36:33)
- Getting caught was both “jarring” and, in an odd way, a relief.
“What I remember is how jarring it was just as an interruption to my day...That was really my first thought was, you know, I'm not going home. Who's going to feed my cat here?”
—Kevin Mitnick (38:11) “It was nice in a way to be able to just be myself again, to use my name and to not be pretending anything anymore. That was a relief.”
—Kevin Mitnick (38:34)
10. The Aftermath: Realization, Reform, and Parallels
- Mitnick accepted responsibility, drawing comparisons with other inmates to gain perspective on justice and punishment.
“I learned, like, to stop feeling sorry for myself very quickly...even as much time as I wound up doing it was like nothing compared to what most of these guys were facing now.”
—Kevin Mitnick (41:38)
- He later transitioned into journalism, seeing strong parallels between hacking’s and journalism’s lust for exploration and truth.
“Journalism, it kind of scratches a lot of the same itches as hacking...you get interested in something, you get to look into it and you can dive deep.”
—Kevin Mitnick (42:32) “I can talk to a hacker or a criminal of any kind, and they don't get any sense that I think I'm better than them...I've talked to very, very few hackers that have done anything worse than what I used to do.”
—Kevin Mitnick (43:24)
- When asked whether he’d be drawn into hacking in today’s era, Mitnick is unsure. The allure was unique to the varied technologies and culture of the telephone network.
“If I was turning 16 right now, I don't actually know if I'd have wound up like in that kind of trouble or drawn into something like that again.”
—Kevin Mitnick (44:45)
Notable Quotes & Memorable Moments
- "If you were around them, you could sort of figure out how the whole world worked." —Jeff Moss (00:08)
- “The hacking stuff was...fun at that age, right? Being...free, completely unaccountable. Not having a day job, like that was my thing.”
—Kevin Mitnick (35:43) - “It wasn't camp, but...they ended up finding their tribe or their community...I'm proud I didn't F it up.”
—Jeff Moss (20:12) - “I fell behind on the rent for the storage locker. And they cracked it open and they found all this stuff...and then they called the FBI.”
—Kevin Mitnick (32:53) - “I said, well, DEF CON is going to be. You don't need to be invited. All you need to do is get a $20 note, put it in an envelope and mail it to Jeff and you're in.”
—Amberly Jack (15:54)
Timestamps for Key Segments
- 00:08–04:06 – Reflections on the Golden Age by Jeff Moss
- 05:50–07:30 – Aleph1 on the early Bay Area scene, egos, and camaraderie
- 08:12–09:47 – Jeff Moss on media hysteria and the first website defacement
- 10:23–11:41 – Dumpster diving; in-person cons and community diversity
- 12:29–13:53 – Chris Wysopal and Jeff Moss on exclusion, bullying, and online anonymity
- 15:25–17:01 – The founding story of DEF CON and its open, anarchic roots
- 17:01–19:22 – Operation Sun Devil and the genesis of the EFF
- 20:06–22:00 – DEF CON’s rapid growth and shifting social dynamics
- 28:33–36:33 – Kevin Mitnick on entering hacking, phone phreaking, crime, life on the run
- 38:11–38:34 – The emotional impact of getting caught and the relief afterward
- 42:32–44:18 – Parallels between hacking and journalism; ethics of reporting
The Takeaways
The 1990s were a transformative era for hacking: curiosity gave way to audacious feats, playful mischief turned to profit, and ostracized loners found family in fledgling tribes. Laws formed, legends were made, and the world’s digital spine became both playground and battlefield. The voices in this episode vividly convey how tightly the personal, the technical, and the political became intertwined—and lay the groundwork for the hackers, defenders, and stories that would shape cybersecurity for decades.