Thin line separates the good hackers from the bad
Thursday, March 04, 2010

A hacker who identifies himself only as Evil Taco has been in Pittsburgh "since Y2K" and describes himself as "that one family member who everyone calls when they can't get the Google to work."

After teaching himself coding and getting a little help from his friends, Evil Taco said he had committed online piracy, written a few viruses and tampered with some networks.

Don't worry: He's not part of a "big secret vendetta to try to break apart society or anything," he wrote in an e-mail to the Post-Gazette. They're just moves in a decades-old battle between hackers and the hacked, where the tools are the same but the morality nuanced.

Hacking communities -- some Dr. Jekyll, some Mr. Hyde -- have tagged along with every expansion of the Web and grown into categories that span professional and amateur. Even the Zeus of the Web, Google, was recently susceptible to encroachments from China-based online intruders thought to be based out of two higher education institutes.

Western Pennsylvania, with its burgeoning technology scene, has remained a hub of such activity -- from the CMU researchers who exposed government vulnerability by discerning the formula for Social Security numbers to the Latrobe teen recently accused of shutting down a Sony game site based in San Diego.

"In the early days, hacking was just maladjusted adolescents, and now it's a business that can be both a criminal or state-sponsored activity," said Randy Bryant, dean of the school of computer science at Carnegie Mellon.

Sensitive information on the Internet runs the gamut from state secrets to debit card numbers. Companies have long configured corporate laptops and smart phones to safeguard business information, but the Google case highlights how hacking can impede commercial pursuits from half a world away.

The online world is flat. Gregg Frankhouser, a special agent at the FBI office in Pittsburgh, said most of his cases involved area victims and international or out-of-state perpetrators, usually from locations in New York or California.

He's trained in computer forensics, and said the cases were becoming more complex but also more pervasive.

"You used to have one business or individual, and now it can be millions," he said. Less sophisticated hackers can be "script kiddies," young people who Mr. Frankhouser said can master simple e-mail hacking.

Hacking terminology pays tribute to the Wild West: "Black hat" hackers are people who are up to no good; "white hat" hackers, nothing to worry about; and "gray hat" hackers, a lot that alternates between the two inclinations.

Even a black hat like Evil Taco disputes a clear-cut morality in the hacking world, saying black-hat intentions can be good.

"Most of the 'black hat' hackers I know do so for the challenge, and to see how the security will improve after they do what they do," he wrote. "I personally wrote a few viruses that were semimalicious, but not computer threatening, just to open people's eyes up to how stupid their behavior is online."

Dr. Bryant said the knowledge base that separates good guys and bad guys is slim -- to the point that elementary hacking skills are a necessary part of his teaching.

As part of the curriculum for his "Introduction to Computer Systems" class, Dr. Bryant sets up a server vulnerable to outside attacks and has students take aim -- something Evil Taco did himself during his training.

"I learned to break into servers by setting up my own servers and breaking into them," he wrote.

Dr. Bryant sees a different purpose.

"Assuming they're going to work on the good side, they need to know vulnerabilities that are exactly what these attackers will exploit," he said.

Brian Lang leads a group of white hats called the Pittsburgh Hackers Club. It's a deliberate naming designed to wrestle the "hacker" title from its negative connotations.

"It's not all about breaking into the CIA," he said. "People are trapped by technology instead of exploring it."

Working out of Mr. Lang's home in Squirrel Hill, the club members talk shop about modifying hardware and pledge to not do "anything that would get us in trouble," he said.

Mr. Lang, who is 26, started working on computers in eighth grade and has no formal training. He taught himself with online manuals and "mutual learning" with like-minded hackers across the country. Now he runs a computer repair company called Bladhaire (Celtic for "fire").

Mr. Lang said it was easy to change hats in the hacking world, saying he used to experiment with a Greek-inspired virus that masquerades as helpful software but actually siphons information from the hard drive.

"At heart I've always been a white hat, but I'm sure there's some things that weren't very white hat in the past," he said. "Trojan horses were always fun back in the day -- at least with people you knew."

As one of the pre-eminent computer schools in the nation, CMU has set up a cottage industry of threat assessment and research institutions.

The Defense Advanced Research Projects Agency commissioned the university to form CERT, a center to assess cyber threats, in 1988 after an outbreak called the Morris worm incident shut down 10 percent of Internet systems.

Marty Lindner, an engineer at CERT, said the pervasiveness of social networks and their encyclopedic knowledge of members have created "the next scary place" online. That's because the names, locations and jobs of people and their acquaintances can become fodder for fraudulent requests.

Now, the "Nigerian prince" seeking bank numbers becomes "Aunt Julia," and suddenly you're more credulous to her pleas for cash. Or if a virus is hidden in an e-mail attachment, the suspicious "I Love You" message is signed with your boyfriend's name.

All hacking experts alluded to a hacker community with its own economy and hierarchy.

"When one of us learns a new trick, they can't help but want to show it off and teach everyone else," wrote Evil Taco.

They have annual conferences, proving that even organizations with lanyards can turn nefarious.

But does the U.S. government have moles in the community?

"Common sense would say 'yes,'" Mr. Lindner said.

Erich Schwartzel: eschwartzel@post-gazette.com or 412-263-1455.
First published on March 4, 2010 at 12:00 am