Category Archives: History

«CAcert Inc» is supporting the Community for over 20 years

Twenty-one years ago today, CAcert Inc was founded as the organisation behind the CAcert community. However, the rather crazy story of CAcert began the year before: Australian Duane Groth founded the CAcert community in 2002 with the aim to offer digital certificates for everyone to form such a confidence and safety consciousness in and around the Internet. He wanted to secure the WLAN network of his hometown, which was too expensive, so started the community.

It soon became clear that the operation of a certificate authorithy requires certain structures. This is why the three-part structure of CAcert was invented:

  • the community of all users, teams and assurers where no one can take power or control; resolutions takes a kind of parliament (legislature), the Policy Group, in which any interested member of the community can participate
  • the association CAcert Inc with an elected committee (executive), which manages the business for the community as a legal entity
  • a mediation body, called arbitration, the judiciary

These three parts are bound together by the CAcert Community Agreement, or CCA for short. The CCA is recognised by all members of the community and the association, but also by all users of a certificate. In addition, this recognition is renewed each time a certificate is created or renewed. The CCA is therefore an extremely strong bond that holds together the several hundred thousand members of the community with CAcert Inc and Arbtration. CAcert Inc was registered in New South Wales 20 years ago today. Today CAcert Inc is based in Switzerland.

Über zwanzig Jahre «CAcert Inc» – eine Erfolgsgeschichte (deutsch)

Heute vor einundzwanzig Jahren wurde CAcert Inc. als die Organisation hinter der CAcert-Gemeinschaft gegründet. Die ziemlich verrückte Geschichte von CAcert begann jedoch schon im Jahr zuvor: Der Australier Duane Groth gründete 2002 die CAcert-Gemeinschaft mit dem Ziel, digitale Zertifikate für jedermann anzubieten, um so ein Vertrauens- und Sicherheitsbewusstsein im und um das Internet zu bilden. Er wollte das WLAN-Netz seiner Heimatstadt sichern, was aber zu teuer war, und gründete deshalb die Gemeinschaft. Schnell wurde klar, dass der Betrieb einer Zertifikatsautorität bestimmte Strukturen erfordert. Aus diesem Grund wurde die dreiteilige Struktur von CAcert erfunden:

• die Gemeinschaft aller Nutzer, den Teams und Assurern in der niemand Macht oder Kontrolle ausüben kann; Beschlüsse fasst eine Art Parlament (Legislative), die Policy Group, an der jedes interessierte Mitglied der Gemeinschaft teilnehmen kann
• der Verein CAcert Inc mit einem gewählten Vorstand (Exekutive), der als juristische Person die Geschäfte für die Gemeinschaft führt
• eine Schlichtungsstelle, das sogenannte Schiedsgericht, die Judikative

Diese drei Teile sind durch das CAcert Community Agreement, kurz CCA, miteinander verbunden. Das CCA wird von allen Mitgliedern der Gemeinschaft und des Vereins, aber auch von allen Nutzern eines Zertifikats anerkannt. Außerdem wird diese Anerkennung jedes Mal erneuert, wenn ein Zertifikat erstellt oder verlängert wird. Die CCA ist also ein äußerst starkes Band, das die mehreren hunderttausend Mitglieder der Gemeinschaft mit CAcert Inc und Arbtration zusammenhält. Heute vor 20 Jahren wurde CAcert Inc. in Neusüd-Wales registriert. Heute hat CAcert Inc. seinen Sitz in der Schweiz.

Plus que vingt ans de «CAcert Inc» – une histoire à succès (français)

Il y a vingt et un ans aujourd’hui, CAcert Inc. a été fondée en tant qu’organisation de patronage de la communauté CAcert. Cependant, l’histoire un peu folle de CAcert a commencé l’année précédente : L’Australien Duane Groth a fondé la communauté CAcert en 2002 dans le but d’offrir des certificats numériques à tout le monde afin de créer une conscience de confiance et de sécurité sur et autour de l’internet. Il souhaitait sécuriser le réseau WLAN de sa ville natale, qui était trop coûteux, et a donc créé la communauté. Il est rapidement apparu que le fonctionnement d’une autorité de certification nécessitait certaines structures. C’est pourquoi la structure en trois parties de CAcert a été inventée:

• la communauté de tous les utilisateurs, équipes et assuers où personne ne peut prendre le pouvoir ou le contrôle; les décisions sont pris par une sorte de parlement (législature), le Policy Group, auquel tout membre intéressé de la communauté peut participer

• l’association CAcert Inc avec un comité élu (exécutif), qui gère les affaires pour la communauté en tant qu’entité juridique

• un organe de médiation, appelé arbitration, le pouvoir judiciaire.

Ces trois parties sont liées par l’accord communautaire de CAcert, ou CCA en abrégé. Le CCA est reconnu par tous les membres de la communauté et de l’association, mais aussi par tous les utilisateurs d’un certificat. De plus, cette reconnaissance est renouvelée à chaque fois qu’un certificat est créé ou renouvelé. Le CCA est donc un lien extrêmement fort qui unit les quelques centaines de milliers de membres de la communauté à CAcert Inc et Arbtration. CAcert Inc a été enregistré en Nouvelle-Galles du Sud il y a 20 ans aujourd’hui. Aujourd’hui, CAcert Inc est basée en Suisse.

Werner Dworak verstorben

Am 30. April ist Werner Dworak aus Ulm, ein langjähriges Mitglied von CAcert verstorben. Werner betreute während einigen Jahren den Support, nachdem er noch von Ian Grigg in diese Funktion eingeführt worden war. Ausserdem war er Mitglied des Vereins CAcert Inc, welcher die Infrastruktur betreibt. Im Verein bekleidete er von 2012 bis 2014 das Amt des Präsidenten. Werner war während mancher Jahre ein engagiertes und aktives Mitglied sowohl der CAcert-Gemeinschaft als auch von CAcert Inc.

“If you don’t use technology consciously, you will be used by it” (40 years of CCC 3)

40 years ago, the Chaos Computer Club was founded in Germany. Steffen Wernéry (middle) was there from the beginning. Today he is no longer active in the front row. He remembers.

You still work in the industry.

Steffen Wernéry: I’m a data protection officer for an operator of anonymised network connections (VPN). I’ve always been less interested in hacking than in hunting for security holes, which others can do better, than in the creative, design side. I first came to computers through my interest in acoustics, photography and video. When I was 20, I did an art project with Bernd Krake in which I transmitted image data by telephone between the Hamburg Kunstverein and the Massachusetts Institute of Technology (MIT).

What about the creative use of technology today?

Steffen Wernéry: Hacking is more necessary than ever. Not in the sense of computer crime, but in the original sense, the critical handling of technology and finding weak points. We are surrounded by unfinished products. Software and hardware have security vulnerabilities, and those who rely on them are quickly finished. Instead of relying on stock and preservation, companies produce technological junk. Even in the literal sense, none of this is environmentally friendly. The products are designed for consumption and to be addictive. People spend less and less time in real life.

Virtual versus real life, I’m surprised that you, as a net activist, see this as a contradiction. Doesn’t one enrich the other?

Steffen Wernéry: Sure, the internet is great if I want to repair my washing machine, if I want to exchange ideas with like-minded people about hobbies or politics, if I want to collect environmental data together with others. But most people sit in a consumption loop, waste their time and think that this is real life. We already said 40 years ago: machines reinforce structures. It happens all by itself. If you don’t use technology consciously, you will be used by it.

Sounds like the CCC has failed.

Steffen Wernéry: The club does what it can. It teaches young people media competence in the project “Chaos macht Schule”. It participates in lawsuits against laws, keeps up the exchange with other institutions. But it is a fight against windmills. That’s why it’s so important to keep some anarchy and fun going. (Questions by Ruth Fulterer)

Starting in 1986, the hackers used a flaw in an operating system to infiltrate other people’s systems and gain access rights there. Computers at the Cern nuclear research centre were among those affected. In 1986, the club newspaper “Datenschleuder” printed an internal complaint about the intruders: “There seems to be a club based in Germany called the ‘chaos club’ whose collective hobby is hacking systems connected to public X25 networks.”

Wernéry and Wau Holland, the club’s leaders at the time, contacted the companies involved and later spoke out to the media when the case became public (above: broadcast from the German TV ARD from 15. September 1987). Then, on his way to a congress where he was to speak about data protection, Wernéry was arrested in France in 1988. He was believed to be an accomplice or even responsible for the hack. The investigators quickly dropped this accusation and he was released. The investigation into his complicity continued for a long time, but in the end came to nothing.

40 years Chaos Computer Club (2)

40 years ago, the Chaos Computer Club was founded in Germany. Steffen Wernéry (on the picture in the middle) was there from the beginning. That’s why he’s already been in prison. Interview.


You soon became the most important figure in the club next to Wau Holland and later wrote the statutes. It says that the club is committed to freedom of information. What does that mean, freedom of information?

Steffen Wernéry: It means the right to freely exchange information. In other words, to communicate in encrypted form, with anyone, about anything, without censorship, without blockades. I find the second part of the statutes particularly important: the CCC is concerned with the effects of technologies on society and individual living beings and promotes knowledge about these developments.

How did you want to achieve all this?

Steffen Wernéry: We organised congresses, meetings and events. We have a magazine, the “Datenschleuder”. Of course, it was also about fun and creativity. What we call in the statutes “promoting the creative-critical use of technology”. We had originally written “hack” in the statutes, but the association register rejected this word because it was not in the Duden dictionary.

It was a hack on the edge of the permissible that made the Chaos Computer Club famous.

Steffen Wernéry: That was in 1984, when the post office had a monopoly on electronic messages. And anyone who wanted to be online had to use a device approved by the post office, which was incredibly expensive. Anyone using untested equipment was liable to a house search and confiscation of the equipment, along with a fine. The user fees for this system, the Internet precursor screen text (BTX), were very high. So the post office, we called them “Gilb”, was the enemy of hate for us. At that time, Wau Holland and I hacked into the BTX access of a Hamburg savings bank and called up a BTX page of the CCC from there, for which we had to pay. By the end of the night, we had booked 135000 D-Mark into our fee account. We made that public. It was embarrassing for the post office, which had claimed that its system was secure. The media jumped on the story. For the first time, data security was a big topic.

What happened next with the CCC?

Steffen Wernéry: That was the beginning of an acceleration. We got new members, there were more and more people on the networks. In 1986, things became more serious. A few people in the club had hacked into Nasa’s computers and sold information to the Soviet secret service KGB. The main participant, Karl Koch, was later found dead. To this day, some say it was suicide, others say it was murder. I myself spent two months in a French prison.

Why?

Steffen Wernéry: At that time, there were hardly any computers on the net. We hackers went where there were networks, for example to the Swiss research centre Cern. That was the European hacker training school. Because there, several people could be on the computers at the same time, chatting online or developing programmes together. Because some of these centres were also used for military purposes, this was quite critical. That’s why there have been investigations since 1986.

How did the trial against you turn out?

Steffen Wernéry: There was never a trial, but the investigations against me lasted 16 years, until 1998, without any result. The Hamburg prosecutor spread the word that I was an East German agent because a picture of Honecker hung in my kitchen. For the French, I was a Nazi because they had found “Mein Kampf” during the same house search. There was also mistrust within the club because of these investigations. It all became too much for me and I quit the front row.

Congratulations: 40 years Chaos Computer Club

40 years ago, the Chaos Computer Club was founded in Germany. Steffen Wernéry was there from the beginning. That’s why he’s already been in prison. Spectacular hacks, even into Nasa’s computers, made the Chaos Computer Club famous in the eighties.

It was seen as a Robin Hood-like hacker gang that is always a little smarter than the powerful and beats them with their own means: the computers . Steffen Wernéry joined shortly after its founding on 12 September 1981 and was at the forefront of the club’s transformation from a nerd regulars’ table to a well-known hacker club.

Today, the club claims to have 8,000 members and hosts one of the world’s largest hacker conventions. The basic philosophy has remained the same: The Chaos Computer Club wants to draw attention to the social consequences of technology and sees hacking as an instrument of enlightenment.

How does your history with the Chaos Computer Club begin?

Steffen Wernéry: It was in 1983 in the left-wing bookshop “Schwarzmarkt” in Hamburg. I had read online that the Chaos Computer Club was meeting there. I hoped to be able to exchange passwords there.

Swap passwords?

Steffen Wernéry: The internet didn’t exist back then, only individual computers on the telephone network. When you found other computers, you wanted to have a look at them. For example, into databases or via the computers of newspapers to the news of agencies in the USA. And the passwords were exchanged with each other.

And did you get any?

Steffen Wernéry: Unfortunately, no. I had to find out that no one from the Chaos Computer Club was online yet. Nevertheless, the visit changed my life. Because I met the founder of the club, Wau Holland. He talked about the computer not only being for the administration and surveillance of citizens. Citizens themselves should use it, for exchange and transparency. He wanted the machine-readable government instead of the machine-readable citizen. That made sense to me. From then on, I was in.