Encyclopedia > Software Hacking

  Article Content

Hacker

Redirected from Software Hacking

A hacker is anyone who enjoys the intellectual challenge of creatively overcoming or circumventing limitations, primarily in their fields of interest, namely programming or electrical engineering.

The term developed originally in the United States university computing community in the positive sense described above, but as used in the media, it has become synonymous with "software cracker".

The term hacker is used in four senses in common use:

  1. Someone who knows a (sometimes specified) set of programming interfaces well enough to write novel and useful software without conscious thought on a good day.
  2. Someone who (usually illegally) attempts to break into or otherwise subvert the security of a program, system or network, often with malicious intent. This usage is annoying to many in the developer community who grew up with the primary meaning in sense (1), and would prefer to keep it that way; they would prefer the media used the term cracker. Sometimes this is also called a "black hat hacker", to distinguish it from sense 3 below.
  3. Someone who attempts to break into systems or networks in order to help the owners of the system by making them aware of security flaws in it. This is often called a "white hat hacker" or sneaker[?]. Many of these people are employed by computer security companies, and are doing something completely legal; and many were formerly hackers within sense 2.
  4. Someone who, through either knowledge or trial and error, makes a modification to an existing piece of software, made available to the hacker community, such that it provides a change of functionality. Such change is normally a benefit. Rather than a competition, the exchange of improvements is most often experienced as a cooperative learning effort.

"Script kiddie" is reserved for a cracker of little or no skill who simply follows directions or uses a cook-book approach without fully understanding the meaning of the steps they are performing.

Note that while the term hacker denotes competence, the noun hack often means kludge and thus has a negative connotation while the verb hack generally shares the same competent connotations.

See also jargon file.

The hacker community (the set of people who would describe themselves as hackers, or who would be described by others as hackers) falls into at least three partially overlapping categories. The word hacker probably derives from the somewhat derogatory hack, used in the newspaper industry typically to refer to a Journalist who types his stories without checking his facts first.

Table of contents

Hacker -- Brilliant Programmer

One who knows a (sometimes specified) set of programming interfaces well enough to write novel and useful software without conscious thought on a good day. This type of hacker is respected within the development community for the freedom they represent, although the term still carries some of the meaning of Hack, developing programs without adequate planning. This zug-zwang sets freedom and the ability to be creative against methodical careful progress. Corporate programming environments typically favor only either the good hackers, or the careful computer scientist.

At their best, Hackers can be surprisingly productive. Industry standard rates of development are in the range of 6-10 lines of code (debugged, and documented) per hour. A Hacker in stride can produce a few hundred lines of code an hour as thought translates itself directly into code. As a result a Hacker may be able to sketch out the full shape of a program to a level of quality that can be used for demonstrating ideas in less than a week. Thus it isn't hard to see what some companies find useful in Hacker talent.

The down side of Hacker productivity is generally agreed to be in maintainability, documentation, and completion. Very talented hackers may become bored with a project once they have figured out all of the hard parts, and be unwilling to finish off the details. This attitude can cause friction in shops where other programmers are expected to pick up the half finished work, decipher the structures and ideas, and bullet-proof the code. In other cases, where a Hacker is willing to maintain their own code, a company may be unable to find anyone else who is capable or willing to dig through code to maintain the program if the original programmer moves on to a new job.

Hacker -- Black Hat, or Cracker The popular press tends to use the terms "hacker" and "cracker" interchangeably for someone who attempts to break into or otherwise subvert the security of a system or network. This usage is annoying to many in the developer community who grew up with the primary meaning in the Guru sense, and would prefer to keep it that way.

However, within the programming community, "hacker" is generally a term of respect or acknowledgement of skill while "cracker" is used for someone who is skillfully malicious or committing criminal (not simply illegal) acts. Some former hackers and crackers are now employed by companies online to test their security and report on weaknesses.

Software cracking is the process of removing any sort of software enforced protection scheme from a piece of software.

There are several recurring tools of the trade used by hackers to gain unauthorized access to computers:

  • Trojan horse -- These are applications that seem to do useful work, but set up a back door so that the Hacker can later return and enter the system. These include programs which mimic login screens. Viruses that fool a user into downloading and/or executing them by pretending to be useful applications are also sometimes called trojan horses.
  • Snooper -- Applications that capture password and other data while it is in transit either within the computer, or over the network
  • virus -- An application that propagates itself opportunistically by waiting in the background until the user offers it a new medium to infect. The term came into usage by comparison with biological viruses, which reproduce by infecting a cell and taking advantage of its life functions. Similarly, computer viruses, unlike worms, embed themselves within files on the host system. When "infected" executables run, or sometimes when infected binary data files are read, the virus is able to spread to other binary format files on the local system, floppy disks or over the network. Viruses are often confused with worms.
  • Worm -- An application that actively probes for known weaknesses across the network, then propagates itself through an exploitation of those weaknesses. The original Usenet post describing the MorrisWorm described the distinction between viruses and worms thus: worms do not attach themselves to code. Popular usage appears to favour worms being more active than viruses. However, the Jargon File, as of version 4.4.1, maintains the original sense of the term. A Worm in this original sense is any independent program which reproduces itself over a network (a program reproducing itself on the local machine only repeatedly until the machine crashes is known as a wabbit[?]). After the comparison between computer viruses and biological viruses, the obvious comparison here is to a bacterium.
  • Vulnerability Scanner -- A tool used to quickly check computers on a network for known weaknesses. Hackers also use Port Scanners[?]. These check to see which ports on a specified computer are "open" or available to acess the computer through.
  • Exploit (computer science) -- A prepared application that takes advantage of a known weakness
  • Social engineering -- Asking someone for the password or account (possibly over a beer.) Also includes looking over someone's shoulder while they enter their password, or posing as someone else in order to get sensitive information.
  • Root kit -- A toolkit for hiding the fact that a computer's security has been compromised. Root kits may include replacements for system binaries so that it becomes impossible to see applications being run by the intruder in the active process tables.
  • Leet -- An English pidgin that helps to obscure hacker discussions and web sites, and paradoxically it simplifies the location of resources in public search engines for those who know the language.

Hacker -- Grey Hat

1) A black-hat hacker turned white-hat. See below.

2) A white-hat hacker who uses black-hat techniques to satisfy their employers, for whom they act as white-hat.

Hacker -- White Hat

White hat hackers often overlap with black hat depending on your perspective. The primary difference is that a white hat hacker observes the hacker ethic, a sort of golden rule of computing similar to: Do unto others as you would have them do unto you. Like black hats, white hats are often intimately familiar with the internal details of security systems, and can delve into obscure machine code when needed to find a solution to a tricky problem without requiring support from a system manufacturer.

An example of a hack: Microsoft Windows ships with the ability to use cryptographic libraries built into the operating system. When shipped overseas this feature becomes nearly useless as the operating system will refuse to load cryptographic libraries that haven't been signed by Microsoft, and Microsoft will not sign a library unless the US Government authorizes it for export. This allows the US Government to maintain some perceived level of control over the use of strong cryptography beyond its borders.

While hunting through the symbol table of a beta release of Windows, a couple of overseas hackers managed to find a second signing key in the Microsoft binaries. That is without disabling the libraries that are included with Windows (even overseas) these individuals learned of a way to trick the operating system into loading a library that hadn't been signed by Microsoft, thus enabling the functionality which had been lost to non-US users.

Whether this is good (white hat) or bad (black hat) may depend on whether you are the US Government or not, but is generally considered by the computing community to be a white hat type of activity.

How Hackers Define Themselves The following is the definition given by the jargon file (a dictionary of hacker jargon):

hacker n. [originally, someone who makes furniture with an axe]
  1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
  2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.
  3. A person capable of appreciating hack value.
  4. A person who is good at programming quickly.
  5. An expert at a particular program, or one who frequently does work using it or on it; as in `a Unix hacker'. (Definitions 1 through 5 are correlated, and people who fit them congregate.)
  6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.
  7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.
  8. [deprecated] A malicious meddler who tries to discover sensitive information by poking around. Hence `password hacker', `network hacker'. The correct term for this sense is cracker.
The term `hacker' also tends to connote membership in the global community defined by the net (see the network and Internet address). For discussion of some of the basics of this culture, see the How To Become A Hacker FAQ. It also implies that the person described is seen to subscribe to some version of the hacker ethic. It is better to be described as a hacker by others than to describe oneself that way. Hackers consider themselves something of an elite (a meritocracy based on ability), though one to which new members are gladly welcome. There is thus a certain ego satisfaction to be had in identifying yourself as a hacker (but if you claim to be one and are not, you'll quickly be labeled bogus). See also geek, wannabee. This term seems to have been first adopted as a badge in the 1960s by the hacker culture surrounding TMRC and the MIT AI Lab. We have a report that it was used in a sense close to this entry's by teenage radio hams and electronics tinkerers in the mid-1950s.

Notable Hackers

(Note: this list includes a few crackers.)

  • Richard Stallman -- A hacker of the old school, Stallman walked in off the street and got a job at MIT's Artificial Intelligence Lab in 1971.
  • Ken Thompson and Dennis Ritchie -- The driving creative force behind Bell Labs' legendary computer science operating group, Ritchie and Thompson created UNIX in 1969.
  • John Draper (a.k.a. Captain Crunch) -- Figured out how to make free phone calls using a plastic prize whistle he found in a cereal box.
  • Mark Abene[?] (a.k.a. Phiber Optik) -- Inspired thousands of teenagers around the country to "study" the internal workings of the United States's phone system. One of the founders of Masters of Deception[?].
  • Robert T. Morris[?] -- This Cornell University graduate student accidentally unleashed an Internet worm in 1988.
  • Kevin Mitnick -- The first cracker to have his face immortalized on an FBI "Most Wanted" poster.
  • Kevin Poulsen[?] -- In 1990 Poulsen took over all telephone lines going into Los Angeles area radio station KIIS-FM to win a call-in contest.
  • Johan Helsingius[?] -- Operated the world's most popular anonymous remailer, the Penet remailer (called penet.fi), until he closed up shop in September 1996.
  • Vladimir Levin -- This mathematician allegedly masterminded the Russian hacker gang that tricked Citibank's computers into spitting out $10 million.
  • Steve Wozniak -- The co-founder of Apple Computer got his start making devices for phone phreaking.
  • Tsutomu Shimomura -- Shimomura outhacked and outsmarted Kevin Mitnick, the United States's most infamous cracker/phreaker, in early 1994.
  • Linus Torvalds -- Torvalds was a computer science student at the University of Helsinki when he wrote the Linux kernel in 1991.
  • Larry Wall -- The creator of the Perl programming language.



All Wikipedia text is available under the terms of the GNU Free Documentation License

 
  Search Encyclopedia

Search over one million articles, find something about almost anything!
 
 
  
  Featured Article
Northampton, Suffolk County, New York

... of it is water. The total area is 1.09% water. Demographics As of the census of 2000, there are 468 people, 158 households, and 121 families residing in the town. ...

 
 
 
This page was created in 39.5 ms