This article is about computer hacking. For other uses, see Hacker (disambiguation) and Hacking.

In computing, a hacker is a member of one of several different subcultures:

A community of enthusiast computer programmers, originated in the 1960s around the TMRC and the MIT AI Lab. RFC 1392 [1] defines hacker as "A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular." This community is notable for launching the free software movement. The World Wide Web and the Internet itself are also considered to be hacker artifacts. [2]
People expert in computer security, often engaging in illegal remote computer trespassing via a communication network such as the Internet, a LAN or a dial-up network (black hats), but sometimes engaged in ethical computer hacking, e.g., debugging or fixing security problems (white hats). Its original meaning ^[1] referred to an unauthorized user of the telephone company network (now called a phreaker).
The hobbyist home computing community of the late 1970s, focusing on both hardware (e.g. the Homebrew Computer Club) and software (the demoscene).

Nowadays, mainstream usage of hacker most often refers to criminal hackers, due to the mass media usage of the word since the 1980s, although free software hackers consider that incorrect, and refer to the former as crackers.

[hide]

[edit] Overview

At least three major hacker subcultures, characterized by their largely distinct historical development, use the term 'Hacker' in their jargon for self-identification.^[2] They are centered around different, but partially overlapping aspects of computers and have conflicting ideas about who may legitimately be called a hacker (see hacker definition controversy).

In computer security, a hacker is someone who focuses on security mechanisms. In common use, which was popularized by the mass media, that refers to someone who illegally breaks into computer and network systems. That is, the media portrays the 'hacker' as a villain. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. They operate under a code of the Hacker Ethic, in which it's acknowledged that breaking into other people's computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is nevertheless an interesting aspect that can be done in an ethical and legal way.

This use is contrasted by the different understanding of the word as a person who follows a spirit of playful cleverness and loves programming. It is found in an originally academic movement unrelated to computer security and most visibly associated with free software and open source. It also has a hacker ethic, based on the idea that writing software and sharing the result is a good idea, but only on a voluntary basis, and that information should be free, but that it's not up to the hacker to make it free by breaking into private computer systems. Academic hackers disassociate from the mass media's pejorative use of the word 'hacker' referring to computer security, and usually prefer the term 'cracker' for that meaning. In a third meaning, the term refers to computer hobbyists who push the limits of their software or hardware.

[edit] Computer security hackers

Main article: Hacker (computer security)

Bruce Sterling, author of The Hacker Crackdown

In computer security, a hacker is a person who specializes in work with the security mechanisms for computer and network systems. The subculture around such hackers is termed network hacker subculture, hacker scene or computer underground. While including those who endeavor to strengthen such mechanisms, it is more often used by the mass media and popular culture to refer to those who seek access despite these security measures. Accordingly, the term bears strong connotations that may be favorable or pejorative.

The network hacker subculture initially developed in the context of phreaking during the 1960s and the microcomputer BBS scene of the 1980s. It is implicated with 2600: The Hacker Quarterly and the alt.2600 newsgroup.

By 1983, hacking in the sense of breaking computer security had already been in use as computer jargon,^[3] but there was no public awareness about such activities.^[4] However, the release of the movie WarGames that year raised the public belief that computer security hackers (especially teenagers) could be a threat to national security. This concern became real when a gang of teenage hackers in Milwaukee, Wisconsin known as The 414s broke into computer systems throughout the United States and Canada, including those of Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank. The case quickly grew media attention,^[5]^[6] and 17-year-old Neal Patrick emerged as the spokesman for the gang, including a cover story in Newsweek entitled "Beware: Hackers at play", with Patrick's photograph on the cover.^[7] The Newsweek article appears to be the first use of the word hacker by the mainstream media in the pejorative sense.

As a result of news coverage, congressman Dan Glickman called for an investigation and new laws about computer hacking.^[8] Neal Patrick testified before the U.S. House of Representatives on September 26, 1983 about the dangers of computer hacking, and six bills concerning computer crime were introduced in the House that year.^[9] As a result of these laws against computer criminality, white hat, grey hat and black hat hackers try to distinguish themselves from each other, depending on the legality of their activities.

[edit] Open Source and Free Software hackers

Main article: Hacker (academia)

In the Open Source and Free Software hacker culture, a computer hacker is a person who enjoys designing software and building programs with a sense for aesthetics and playful cleverness.

According to Eric S. Raymond,^[10] the Open source and Free Software hacker subculture developed in the 1960s among ‘academic hackers’^[11] working on early minicomputers in computer science environments. After 1969 it fused with the technical culture of the pioneers of the Arpanet. The PDP-10 machine AI at MIT, which was running the ITS operating system and was connected to the Arpanet, provided an early hacker meeting point. After 1980 the subculture coalesced with the culture of Unix, and after 1987 with elements of the early microcomputer hobbyists that themselves had connections to radio amateurs in the 1920s. Since the mid-1990s, it has been largely coincident with what is now called the free software and open source movement.

Many programmers have been labeled "great hackers,"^[12] but the specifics of who that label applies to is a matter of opinion. Certainly major contributors to computer science such as Edsger Dijkstra and Donald Knuth, as well as the inventors of popular software such as Linus Torvalds (Linux), and Dennis Ritchie and Ken Thompson (the C programming language) are likely to be included in any such list; see also List of programmers. People primarily known for their contributions to the consciousness of the academic hacker culture include Richard Stallman, the founder of the free software movement and the GNU project, president of the Free Software Foundation and author of the famous Emacs text editor as well as the GNU Compiler Collection (GCC), and Eric S. Raymond, one of the founders of the Open Source Initiative and writer of the famous text The Cathedral and the Bazaar and many other essays, maintainer of the Jargon File (which was previously maintained by Guy L. Steele, Jr.).

Within the academic hacker culture, the term hacker is also used for a programmer who reaches a goal by employing a series of modifications to extend existing code or resources. In this sense, it can have a negative connotation of using kludges to accomplish programming tasks that are ugly, inelegant, and inefficient. This derogatory form of the noun "hack" is even used among users of the positive sense of "hacker" (some argue that it should not be, due to this negative meaning; others argue that some kludges can, for all their ugliness and imperfection, still have "hack value"). In a very universal sense, a hacker also means someone who makes things work beyond perceived limits in a clever way in general, for example reality hackers.^[13]

[edit] Home computer hackers

Please help improve this article by expanding this section.
See talk page for details. Please remove this message once the section has been expanded.

Main article: Hacker (hobbyist)

The home computer hacking subculture relates to the hobbyist home computing of the late 1970s, beginning with the availability of MITS Altair. An influential organization was the Homebrew Computer Club.

The areas that did not fit together with the academic hacker subculture focus mainly on commercial computer and video games, software cracking and exceptional computer programming (demo scene), but also to the modification of computer hardware and other electronic devices, see modding.

[edit] Overlaps and differences

The main basic difference between academic and computer security hackers is their mostly separate historical origin and development. However, the Jargon File reports that considerable overlap existed for the early phreaking at the beginning of the 1970s. An article from MIT's student paper The Tech used the term hacker in this context already in 1963 in its pejorative meaning for someone messing with the phone system.^[1] The overlap quickly started to break when people joined in the activity who did it in a less responsible way.^[14] This was the case after the publication of an article exposing the activities of Draper and Engressias.

Academic hackers usually work openly and use their real name, while computer security hackers prefer secretive groups and identity-concealing aliases. Also, their activities in practice are largely distinct. The former focus on creating new and improving existing infrastructure (especially the software environment they work with), while the latter primarily and strongly emphasize the general act of circumvention of security measures, with the effective use of the knowledge (which can be to report and help fixing the security bugs, or exploitation for criminal purpose) being only rather secondary. The most visible difference in these views was in the design of the MIT hackers' Incompatible Timesharing System, which deliberately didn't have any security measures.

There are some subtle overlaps, however, since basic knowledge about computer security is also common within the academic hacker community. For example, Ken Thompson noted during his 1983 Turing Award lecture that it is possible to add code to the UNIX "login" command that would accept either the intended encrypted password or a particular known password, allowing a back door into the system with the latter password. He named his invention the "Trojan horse." Furthermore, Thompson argued, the C compiler itself could be modified to automatically generate the rogue code, to make detecting the modification even harder. Because the compiler is itself a program generated from a compiler, the Trojan horse could also be automatically installed in a new compiler program, without any detectable modification to the source of the new compiler. However, Thompson disassociated himself strictly from the computer security hackers: "I would like to criticize the press in its handling of the 'hackers,' the 414 gang, the Dalton gang, etc. The acts performed by these kids are vandalism at best and probably trespass and theft at worst. ... I have watched kids testifying before Congress. It is clear that they are completely unaware of the seriousness of their acts." ^[15]

The academic hacker community sees secondary circumvention of security mechanisms as legitimate if it is done to get practical barriers out of the way for doing actual work. In special forms, that can even be an expression of playful cleverness.^[16] However, the systematic and primary engagement in such activities is not one of the actual interests of the academic hacker subculture and it doesn't have significance in its actual activities, either.^[17] A further difference is that, historically, academic hackers were working at academic institutions and used the computing environment there. In contrast, the prototypical computer security hacker had access exclusively to a home computer and a modem. However since the mid-1990s, with home computers that could run Unix-like operating systems and with inexpensive internet home access being available for the first time, many people from outside of the academic world started to take part in the academic hacking subculture.

Since the mid-1980s, there are some overlaps in ideas and members with the computer security hacking community. The most prominent case is Robert T. Morris, who was a user of MIT-AI, yet wrote the Morris worm. The Jargon File hence calls him "a true hacker who blundered".^[18] Nevertheless, members of the academic subculture have a tendency to look down on and disassociate from these overlaps. They commonly refer disparagingly to people in the computer security subculture as crackers, and refuse to accept any definition of hacker that encompasses such activities (see the Hacker definition controversy). The computer security hacking subculture on the other hand tends not to distinguish between the two subcultures as harshly, instead acknowledging that they have much in common including many members, political and social goals, and a love of learning about technology. They restrict the use of the term cracker to their categories of script kiddies and black hat hackers instead.

All three subcultures have relations to hardware modifications. In the early days of network hacking, phreaks were building blue boxes and various variants. The academic hacker culture has stories about several hardware hacks in its folklore, such as a mysterious 'magic' switch attached to a PDP-10 computer in MIT's AI lab, that, when turned off, crashed the computer.^[19] The early hobbyist hackers built their home computers themselves, from construction kits. However, all these activities have died out during the 1980s, when the phone network switched to digitally controlled switchboards, causing network hacking to shift to dialing remote computers with modems, when pre-assembled inexpensive home computers were available, and when academic institutions started to give individual mass-produced workstation computers to scientists instead of using a central timesharing system. The only kind of widespread hardware modification nowadays is case modding.

An encounter of the academic and the computer security hacker subculture occurred at the end of the 1980s, when a group of computer security hackers, sympathizing with the Chaos Computer Club (who disclaimed any knowledge in these activities), broke into computers of American military organizations and academic institutions. They sold data from these machines to the Soviet secret service, one of them in order to fund his drug addiction. The case could be solved when scientists from the environment of the academic hacker subculture found ways to log the attacks and to trace them back. 23, a German film adaption with fictional elements, shows the events from the attackers' perspective. Clifford Stoll, one of the system administrators who helped to catch them, described the case in his book The Cuckoo's Egg and in the TV documentary The KGB, the Computer, and Me from the other perspective.

Often hackers with similar interests join groups and collaborate their intuitive minds to achieve often extraordinary results. They develop jargon which is "incomprehensible to outsiders" (Levy 1984, p.9). The academic text 'Hackers: Heroes of the computer revolution' author Stephen Levy writes about a group of university student hackers which use their own terms to conceal their works. In this group's case 'losing' is "when a piece of equipment is not working" (Levy 1984, p.9) and 'munged' is "when a piece of equipment is ruined" (Levy 1984, p.9). Hackers of the computer security sort are forever attempting to impress or shock. They may be impressing their fellow hackers or shocking the administrators of the program they have just successfully hacked by cracking what was once considered to be the 'uncrackable'.

The term hack can be coined to many different meanings however it can be traced back to "describe the elaborate college pranks that...students would regularly devise" (Levy, 1984 p.10). To be considered a 'hack' was an honour among like-minded peers as "to qualify as a hack, the feat must be imbued with innovation, style and technical virtuosity" (levy, 1984 p.10). Many of these talented college students choose to follow their hobby to either become an academic hacker and go on to work for large companies maintaining and continually protecting their highly secretive data. Constantly attempting to 'crack' the security barriers of the company they work for before external threats can. Once they have found the crack they then work to rectify the potential security breach. Due to the dynamic nature of the internet this is a never-ending task which requires great skill and talent. There is always a way around even the latest and most advance internet or intranet security system. Corporations spend large amounts of money protecting their data, however often the best money spent is on the staff hired to constantly challenge their systems and therefore improving its security.

Computer security hackers are the opposite of the academic hacker in that these are exactly who companies are attempting to prevent. They work covertly forever attempting to conceal one's identity and enter another's database. Mostly such hackers are merely 'proving a point' by showing they are able to enter a system that they are not authorized to do so. This may be simply for the reason of impressing their fellow hacker counterparts. Others operate with the intention of severe criminal activity, perhaps entering a bank's highly secretive data system and transferring money out of one's account without even leaving their home PC. This action is just like physically robbing a bank though all performed through a computer. Thankfully examples such as this are becoming very infrequent as companies quickly improve their systems.

[edit] See also

[edit] References

^ ^a ^b Fred Shapiro: Antedating of "Hacker". American Dialect Society Mailing List (13. June 2003)
^ webzone.k3.mah.se/k3jolo/HackerCultures/origins.htm.
^ See the 1981 version of the Jargon File, entry "hacker", last meaning.
^ (October 16, 2002). "Computer hacking: Where did it begin and how did it grow?". WindowSecurity.com.
^ Detroit Free Press, September 27, 1983
^ Elmer-DeWitt, Philip (Aug. 29, 1983), "The 414 Gang Strikes Again", Time magazine: p. 75, <http://www.time.com/time/magazine/article/0,9171,949797,00.html>
^ "Beware: Hackers at play", Newsweek: pp. 42-46,48, September 5, 1983
^ Timeline: The U.S. Government and Cybersecurity. Washington Post (2002). Retrieved on 2006-04-14.
^ David Bailey, "Attacks on Computers: Congressional Hearings and Pending Legislation," sp, p. 180, 1984 IEEE Symposium on Security and Privacy, 1984.
^ Eric S. Raymond: A Brief History of Hackerdom (2000)
^ www.faqs.org/docs/artu/ch20s06.html.
^ Graham, Paul (2004). Great Hackers.
^ See for example the MIT Gallery of Hacks
^ http://www.catb.org/~esr/jargon/html/P/phreaking.html
^ Thompson, Ken (August 1984). "Reflections on Trusting Trust". Communications of the ACM 27 (8).
^ http://gnu.mirrorspace.org/philosophy/rms-hack.html
^ http://www.catb.org/~esr/jargon/html/C/cracker.html
^ http://www.catb.org/jargon/html/pt03.html#bibliography
^ http://www.catb.org/~esr/jargon/html/magic-story.html

[edit] Related books

Michael Hasse: Die Hacker: Strukturanalyse einer jugendlichen Subkultur (1994).

Wikibooks has a book on the topic of

Hacking

[edit] Computer security hacking books

Logik Bomb: Hacker's Encyclopedia (1997)
Katie Hafner & John Markoff: Cyberpunk: Outlaws and Hackers on the Computer Frontier (Simon & Schuster, 1991), ISBN 0-671-68322-5.
Sterling, Bruce (1992). The Hacker Crackdown. Bantam. ISBN 0-553-08058-X.
Slatalla, Michelle; Joshua Quittner (1995). Masters of Deception: The Gang That Ruled Cyberspace. HarperCollins. ISBN 0-06-017030-1.
Dreyfus, Suelette (1997). Underground: Tales of Hacking, Madness and Obsession on the Electronic Frontier. Mandarin. ISBN 1-86330-595-5.
Verton, Dan (2002). The Hacker Diaries : Confessions of Teenage Hackers. McGraw-Hill Osborne Media. ISBN 0-07-222364-2.