Rapid Share Premium Account User Name and Password FREE

Common methods of Hacking

A typical approach in an attack on Internet-connected system is:

  1. Network enumeration: Discovering information about the intended target.
  2. Vulnerability analysis: Identifying potential ways of attack.
  3. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis. [5]

In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

[edit]Security exploit

A security exploit is a prepared application that takes advantage of a known weakness. A common example of a security exploit is a fail programming attempt that would allow an SQL injection. Other exploits would be able to be used throughFTP, HTTP, PHP, SSH, Telnet and some web-pages. These are very common in website/domain hacking.

[edit]Vulnerability scanner

A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)

[edit]Packet sniffer

A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.

[edit]Spoofing attack

A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.

[edit]Rootkit

A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.

[edit]Social engineering

Social Engineering is the art of getting persons to reveal sensitive information about a system. This is usually done by impersonating someone or by convincing people to believe you have permissions to obtain such information.

[edit]Trojan horse

A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later. (The name refers to the horse from the Trojan War, with conceptually similar function of deceiving defenders into bringing an intruder inside.)

[edit]Virus

A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.

[edit]Worm

Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program.

[edit]Key loggers

A keylogger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Often uses virus-, trojan-, and rootkit-like methods to remain active and hidden.

Hacker attitudes

Several subgroups of the computer underground with different attitudes and aims use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree. Eric S. Raymond advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker – cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat (ethical hacking), grey hat, black hat andscript kiddie. In contrast to Raymond, they usually reserve the term cracker to refer to black hat hackers, or more generally hackers with unlawful intentions.

[edit]White hat

A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system. This type of hacker enjoys learning and working with computer systems, and consequently gains a deeper understanding of the subject. Such people normally go on to use their hacking skills in legitimate ways, such as becoming security consultants. The word 'hacker' originally included people like this, although a hacker may not be someone into security.

[edit]Grey hat

A grey hat hacker is a hacker of ambiguous ethics and/or borderline legality, often frankly admitted.

[edit]Black hat

A black hat hacker is someone who breaks computer security without authorization or uses technology (usually a computer, phone system or network) for vandalism, credit card fraud, identity theft, piracy, or other types of illegal activity.

[edit]Script kiddie

A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding. These are the outcasts of the hacker community.

[edit]Hacktivist

A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hactivism involves website defacement or denial-of-service attacks. In more extreme cases, hactivism is used as tool for Cyberterrorism.

Home computer hackers

In a third meaning, hacker refers to computer hobbyists who push the limits of their software or hardware. The home computer hacking subculture relates to the hobbyist home computing of the late 1970s, beginning with the availability of MITS Altair. An influential organization was the Homebrew Computer Club.

The areas that did not fit together with the academic hacker subculture focus mainly on commercial computer and video games, software cracking and exceptional computer programming (demo scene). Also of interest to some members of this group is the modification of computer hardware and other electronic devices, seemodding.

The programmer subculture of hackers

The computer security use is contrasted by the different understanding of hacker as a person who follows a spirit of playful cleverness and loves programming. It is found in an originally academic movement unrelated to computer security and most visibly associated withfree software and open source. It also has a hacker ethic, based on the idea that writing software and sharing the result on a voluntary basis is a good idea, and that information should be free, but that it's not up to the hacker to make it free by breaking into private computer systems. Academic hackers disassociate from the mass media's pejorative use of the word 'hacker' referring to computer security, and usually prefer the term 'cracker' for that meaning.

In this hacker culture, a computer hacker is a person who enjoys designing software and building programs with a sense for aesthetics and playful cleverness. The term hack in this sense can be traced back to "describe the elaborate college pranks that...students would regularly devise" (Levy, 1984 p.10). To be considered a 'hack' was an honour among like-minded peers as "to qualify as a hack, the feat must be imbued with innovation, style and technical virtuosity" (levy, 1984 p.10)

According to Eric S. Raymond,[20] the Open source and Free Software hacker subculture developed in the 1960s among ‘academic hackers’[21] working on early minicomputers in computer science environments in the United States. After 1969 it fused with the technical culture of the pioneers of the Arpanet. The PDP-10 machine AI at MIT, which was running the ITS operating system and was connected to the Arpanet, provided an early hacker meeting point. After 1980 the subculture coalesced with the culture of Unix, and after 1987 with elements of the early microcomputer hobbyists that themselves had connections to radio amateurs in the 1920s. Since the mid-1990s, it has been largely coincident with what is now called the free software and open source movement.

Many programmers have been labeled "great hackers,"[22] but the specifics of who that label applies to is a matter of opinion. Certainly major contributors to computer science such as Edsger Dijkstra and Donald Knuth, as well as the inventors of popular software such as Linus Torvalds (Linux), and Dennis Ritchie and Ken Thompson (the C programming language) are likely to be included in any such list; see also List of programmers. People primarily known for their contributions to the consciousness of the academic hacker culture include Richard Stallman, the founder of the free software movement and the GNU project, president of the Free Software Foundation and author of the famous Emacs text editor as well as the GNU Compiler Collection (GCC), and Eric S. Raymond, one of the founders of theOpen Source Initiative and writer of the famous text The Cathedral and the Bazaar and many other essays, maintainer of the Jargon File (which was previously maintained by Guy L. Steele, Jr.).

Within the academic hacker culture, the term hacker is also used for a programmer who reaches a goal by employing a series of modifications to extend existingcode or resources. In this sense, it can have a negative connotation of using kludges to accomplish programming tasks that are ugly, inelegant, and inefficient. This derogatory form of the noun "hack" is even used among users of the positive sense of "hacker" (some argue that it should not be, due to this negative meaning; others argue that some kludges can, for all their ugliness and imperfection, still have "hack value"). In a very universal sense, hacker also means someone who makes things work beyond perceived limits in a clever way in general.[3] That is, people who apply the creative attitude of software hackers in fields other than computing. This includes even activities that predate computer hacking, for example reality hackers.[23] More recent examples of this usage are wetware hackers and media hackers. According to the Jargon File the word hacker was used in a similar meaning among radio amateurs already in the 1950s.[24]

The culture sometimes uses jargon which is "incomprehensible to outsiders".[25] Examples are 'losing' "when a piece of equipment is not working"[25] and 'munged' "when a piece of equipment is ruined".[25]

Computer security hackers

In computer security, a hacker is someone who focuses on security mechanisms of computer and network systems. While including those who endeavor to strengthen such mechanisms, it is more often used by the mass media and popular culture to refer to those who seek access despite these security measures. That is, the media portrays the 'hacker' as a villain. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. They operate under a code, which acknowledges that breaking into other people's computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally. Accordingly, the term bears strong connotations that are favorable or pejorative, depending on the context.

The subculture around such hackers is termed network hacker subculture, hacker scene or computer underground. It initially developed in the context of phreaking during the 1960s and the microcomputer BBS scene of the 1980s. It is implicated with 2600: The Hacker Quarterly and the alt.2600 newsgroup.

By 1983, hacking in the sense of breaking computer security had already been in use as computer jargon,[15] but there was no public awareness about such activities.[16] However, the release of the movie WarGames that year raised the public belief that computer security hackers (especially teenagers) could be a threat to national security. This concern became real when a gang of teenage hackers in Milwaukee, Wisconsin known as The 414s broke into computer systems throughout the United States and Canada, including those of Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank. The case quickly grew media attention,[17][10] and 17-year-old Neal Patrick emerged as the spokesman for the gang, including a cover story in Newsweek entitled "Beware: Hackers at play", with Patrick's photograph on the cover.[11] The Newsweek article appears to be the first use of the word hacker by the mainstream media in the pejorative sense.

As a result of news coverage, congressman Dan Glickman called for an investigation and new laws about computer hacking.[18] Neal Patrick testified before the U.S. House of Representatives on September 26, 1983 about the dangers of computer hacking, and six bills concerning computer crime were introduced in the House that year.[19] As a result of these laws against computer criminality, white hat, grey hat and black hat hackers try to distinguish themselves from each other, depending on the legality of their activities.

Hacker definition controversy

The terms hacker and hack are marked by contrasting positive and negative connotations. Computer programmers often use the words hacking and hacker to express admiration for the work of a skilled software developer, but may also use them in a negative sense to describe the production of inelegant kludges. Some frown upon using hacking as a synonym for security cracking -- in distinct contrast to the larger world, in which the word hacker is typically used to describe someone who "hacks into" a system by evading or disabling security measures.

[edit]Controversy and ambiguity

While "hack" was originally more used as a verb for "messing about" with (e.g. "I hack around with computers"), the meaning of the term has shifted over the decades since it first came into use in a computer context. As usage has spread more widely, the primary meaning of newer users of the word has shifted to one which conflicts with the original primary emphasis.

Currently, "hacker" is used in two main ways, one pejorative and one complimentary. In popular usage and in the media, it most often refers to computer intruders or criminals, with associated pejorative connotations. (For example, "An Internet 'hacker' broke through state government security systems in March.") In the computing community, the primary meaning is a complimentary description for a particularly brilliant programmer or technical expert. (For example, "Linus Torvalds, the creator of Linux, is considered by some to be a hacker.") A large segment of the technical community insist the latter is the "correct" usage of the word (see the Jargon Filedefinition below).

The mainstream media's current usage of the term may be traced back to the early 1980s (see History). When the term was introduced to wider society by the mainstream media in 1983, even those in the computer community referred to computer intrusion as "hacking", although not as the exclusive use of that word. In reaction to the increasing media use of the term exclusively with the criminal connotation, the computer community began to differentiate their terminology. Several alternative terms such as "black hat" and "cracker" were coined in an effort to distinguish between those performing criminal activities, and those whose activities were the legal ones referred to more frequently in the historical use of the term "hack". Analogous terms such as "white hats" and "gray hats" developed as a result. However, since network news use of the term pertained primarily to the criminal activities despite this attempt by the technical community to preserve and distinguish the original meaning, the mainstream media and general public continue to describe computer criminals with all levels of technical sophistication as "hackers" and does not generally make use of the word in any of its non-criminal connotations.

As a result of this difference, the definition is the subject of heated controversy. The wider dominance of the pejorative connotation is resented by many who object to the term being taken from their cultural jargon and used negatively,[7] including those who have historically preferred to self-identify as hackers. Many advocate using the more recent and nuanced alternate terms when describing criminals and others who negatively take advantage of security flaws in software and hardware. Others prefer to follow common popular usage, arguing that the positive form is confusing and unlikely to become widespread in the general public. A minority still stubbornly use the term in both original senses despite the controversy, leaving context to clarify (or leave ambiguous) which meaning is intended. It is noteworthy, however, that the positive definition of hacker was widely used as the predominant form for many years before the negative definition was popularized.

"Hacker" can therefore be seen as a shibboleth, identifying those who use the technically-oriented sense (as opposed to the exclusively intrusion-oriented sense) as members of the computing community.

A possible middle ground position has been suggested, based on the observation that "hacking" describes a collection of skills which are used by hackers of both descriptions for differing reasons. The analogy is made to locksmithing, specifically picking locks, which — aside from its being a skill with a fairly high tropism to 'classic' hacking — is a skill which can be used for good or evil. The primary weakness of this analogy is the inclusion of script kiddies in the popular usage of "hacker", despite the lack of an underlying skill and knowledge base.

Fred Shapiro thinks that "the common theory that 'hacker' originally was a benign term and the malicious connotations of the word were a later perversion is untrue." He found out that the malicious connotations were present at MIT in 1963 already and then referred to unauthorized users of the telephone network[8] (which are also called phreakers).

[edit]History

  • 1950s: amateur radio enthusiasts defined the term hacking as creatively tinkering to improve performance.
  • 1959: hack is defined in MIT's Tech Model Railroad Club Dictionary as "1) an article or project without constructive end; 2) a project undertaken on bad self-advice; 3) an entropy booster; 4) to produce, or attempt to produce, a hack(3)." hacker is defined as "one who hacks, or makes them." Much of the TMRC's jargon is later imported into early computing culture.
  • 1963: The first recorded reference to hackers in the computer sense is made in The Tech (MIT Student Magazine).[9]
  • 1972: Stewart Brand publishes "S P A C E W A R: Fanatic Life and Symbolic Death Among the Computer Bums" in Rolling Stone, an early piece describing computer culture. In it, Alan Kay is quoted as saying "A true hacker is not a group person. He's a person who loves to stay up all night, he and the machine in a love-hate relationship... They're kids who tended to be brilliant but not very interested in conventional goals[...] It's a term of derision and also the ultimate compliment."
  • 1980: The August issue of Psychology Today prints (with commentary by Philip Zimbardo) "The Hacker Papers", an excerpt from a Stanford Bulletin Board discussion on the addictive nature of computer use.
  • 1982: In the film TRON, Kevin Flynn (Jeff Bridges) describes his intentions to break into ENCOM's computer system, saying "I've been doing a little hacking here". CLU is the software he uses for this.
  • 1983: The movie WarGames, featuring a computer intrusion into NORAD, is released. A gang of 6 teenagers is caught breaking into dozens of computer systems, including that of Los Alamos National Laboratory.[10] Newsweek features the cover story "Beware: Hackers at play."[11] First Usenet post on the use of the termhacker in the media (CBS News) to mean computer criminal.[12] Pressured by media coverage of computer intrusions, Congress begins work on new laws for computer security.[13]
  • 1984: Steven Levy publishes Hackers: Heroes of the Computer Revolution. The book publicizes, and perhaps originates the phrase "Hacker Ethic" and gives a codification of its principles.
  • 1988: Stalking the Wily Hacker, an article by Clifford Stoll appears in the May 1988 issue of the Communications of the ACM and uses the term hacker in the sense of a computer criminal. Later that year, the release by Robert Tappan Morris, Jr. of the so-called Morris worm provoked the popular media to spread this usage.
  • 1989: The Cuckoo's Egg by Clifford Stoll is published, and its popularity further entrenches the term in the public's consciousness.
  • 2008: Global movement of Hackerspaces emerges. These labs are technological, cultural and social creative places enabling hackers to develop projects together, code, create open source projects or hardware designs.

[edit]Contemporary use

The modern, computer-related use of the term is considered likely rooted in the goings on at the Massachusetts Institute of Technology (MIT) in the 1960s, long before computers became common; the word "hack" was local slang which had a large number of related meanings. One was a simple, but often inelegant, solution to a problem. It also meant any clever prank perpetrated by MIT students; logically, the perpetrator was a hacker. To this day the terms hack and hacker are used in several ways at MIT, without necessarily referring to computers. When MIT students surreptitiously put a fake police car atop the dome on MIT's Building 10, that was a hack, and the students involved were therefore hackers. Another type of hacker — one who explores undocumented or unauthorized areas in buildings — is now called a reality hacker or urban spelunker.

The term was fused with computers when members of the Tech Model Railroad Club started working with a Digital Equipment Corporation PDP-1 computer and applied local model railroad slang to computers.

The earliest known use of the term in this manner is from the 20 November 1963 issue of The Tech, the student paper of MIT:

Many telephone services have been curtailed because of so-called hackers, according to Prof. Carlton Tucker, administrator of the Institute phone system. […] The hackers have accomplished such things as tying up all the tie-lines between Harvard and MIT, or making long-distance calls by charging them to a local radar installation. One method involved connecting the PDP-1 computer to the phone system to search the lines until a dial tone, indicating an outside line, was found. […] Because of the 'hacking', the majority of the MIT phones are 'trapped'.

Originally, the term "hack" was applied almost exclusively to programming or electrical engineering, but it has come to be used in some circles for almost any type of clever circumvention, in phrases such as "hack the media", "hack your brain" and "hack your reputation".

[edit]Negative usage in engineering

Another meaning of the term "hack", similar to kludge and distinct from both the positive and security-related meanings discussed above, derives from the everyday English sense "to cut or shape by or as if by crude or ruthless strokes" [Merriam-Webster]. In other words to "hack" at an original creation, as if with an axe, is to force-fit it into being usable for a task not intended by the original creator, and a "hacker" would be someone who does this habitually. (The original creator and the hacker may be the same person.)

This usage is common in both programming[14] and engineering. In programming, hacking in this sense appears to be tolerated and seen as a necessary compromise in many situations. In non-software engineering, the culture is less tolerant of unmaintainable solutions, even when intended to be temporary, and describing someone as a "hacker" might imply that they lack professionalism. In this sense, the term has no real positive connotations, except for the idea that the hacker is capable of doing modifications that allow a system to work in the short term, and so has some sort of marketable skills. There is always, however, the understanding that a more skillful, or technical, logician could have produced successful modifications that would not be considered a "hack-job".

The definition is similar to other, non-computer based, uses of the term "hack-job". For instance, a professional modification of a production sports car into a racing machine would not be considered a hack-job, but a cobbled together backyard mechanic's result could be. Even though the outcome of a race of the two machines could not be assumed, a quick inspection would instantly reveal the difference in the level of professionalism of the designers.

Hacker (computer security)

In common usage, a hacker is a person who breaks into computers, usually by gaining access to administrative controls.[1] The subculture that has evolved around hackers is often referred to as the computer underground. Proponents claim to be motivated by artistic and political ends, and are often unconcerned about the use of illegal means to achieve them.[2]

Other uses of the word hacker exist that are not related to computer security (computer programmer and home computer hobbyists), but these are rarely used by the mainstream media.

Hacker (computing)

In computing, a hacker is a person in one of several distinct (but not completely disjoint) communities and subcultures:[1]

  • People committed to circumvention of computer security. This primarily concerns unauthorized remote computer break-ins via a communication networks such as the Internet (Black hats), but also includes those who debug or fix security problems (White hats), and the morally ambiguous Grey hats. See "Hacker (computer security)".
  • A community of enthusiast computer programmers and systems designers, originated in the 1960s around theMassachusetts Institute of Technology (MIT)'s Tech Model Railroad Club (TMRC) and MIT Artificial Intelligence Laboratory.[2] This community is notable for launching the free software movement. The World Wide Web and theInternet itself are also hacker artifacts.[3] The Request for Comments RFC 1392 amplifies this meaning as "[a] person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular." See "Hacker (programmer subculture)".
  • The hobbyist home computing community, focusing on hardware in the late 1970s (e.g. the Homebrew Computer Club[4]) and on software (computer games,[5] software cracking, the demoscene) in the 1980s/1990s. The community included Steve Jobs, Steve Wozniak and Bill Gates and created the personal computing industry.[6] See "Hacker (hobbyist)".

Today, mainstream usage mostly refers to computer criminals, due to the mass media usage of the word since the 1980s. This includes script kiddies, people breaking into computers using programs written by others, with very little knowledge about the way they work. This usage has become so predominant that a large segment of the general public is unaware that different meanings exist. While the use of the word by hobbyist hackers is acknowledged by all three kinds of hackers, and the computer security hackers accept all uses of the word, free software hackers consider the computer intrusion related usage incorrect, and refer to security breakers as "crackers" (analogous to a safecracker).

Hack value

Hack value is the notion among hackers that something is worth doing or is interesting. This is something that hackers often feel intuitively about a problem or solution; the feeling approaches the mystical[1] for some.

An important aspect of hack value is performing feats for the sake of showing that they can be done, even if others think it is difficult or impossible. Using things in a unique way outside their intended purpose is often perceived as having hack value. Examples are using a matrix printer to produce musical notes, using a flatbed scanner to take ultra-high-resolution photographs or using an optical mouse as barcode reader.

A solution or feat implies hack value if it is done in a way that has finesse, cleverness, or brilliance. So creativity is an important part of the meaning. For example,picking a difficult lock has hack value; smashing a lock does not. By way of another example, proving Fermat's last theorem by linking together most of modern mathematics has hack value; solving the four color map problem by exhaustively trying all possibilities does not (both of these have now in fact been proven).

The physicist Richard Feynman had a keen appreciation of hack value, and was an enthusiastic safecracker. At the Challenger Space Shuttle accident inquiry he demonstrated the potential of O rings for causing the disaster by freezing an O ring in his glass of ice water and showing its failure to the audience, which included the media.

Hacking History

The term "hack" was first used by US university computing center staff in the mid-1960s. The context determined whether the complimentary or derogatory meanings were implied. Phrases such as "ugly hack" or "quick hack" generally referred to the latter meaning; phrases such as "cool hack" or "neat hack", to the former. In modern computer programming, a "hack" can refer to a solution or method which functions correctly but which is "ugly" in its concept, which works outside the accepted structures and norms of the environment, or which is not easily extendable or maintainable (see kludge). The programmer keeps beating on it until a solution is found. The jargon used by hackers is called "Hackish" (see the Jargon file). This should not be confused with "1337" or "leetspeak."

In a similar vein, a "hack" may refer to works outside of computer programming. For example, a math hack means a clever solution to a mathematical problem. TheGNU General Public License has been described as[who?] a copyright hack because it cleverly uses the copyright laws for a purpose the lawmakers did not foresee. All of these uses now also seem to be spreading beyond MIT as well.

On many internet websites and in everyday language the word "hack" can be slang for "copy", "imitation" or "rip-off."

A DIY musician probes the circuit board of a synthesizer for "bends" using a jeweler's screwdriver and alligator clips

The term has since acquired an additional and now more common meaning, since approximately the 1980s; this more modern definition was initially associated with crackers. This growing use of the term "hack" is to refer to a program that (sometimes illegally) modifies another program, often a computer game, giving the user access to features otherwise inaccessible to them. As an example of this use, for Palm OS users (until the 4th iteration of this operating system), a "hack" refers to an extension of the operating system which provides additional functionality. The general media also uses this term to describe the act of illegally breaking into a computer, but this meaning is disputed.

The term is additionally used by electronics hobbyists to refer to simple modifications to electronic hardware such as a graphing calculators, video game consoles, electronic musical keyboards or other device (see CueCat for a notorious example) to expose or add functionality to a device that was unintended for use by end users by the company who created it. A number of technomusicians have modified 1980s-era Casio SK-1 sampling keyboards to create unusual sounds by doing circuit bending: connecting wires to different leads of the integrated circuit chips. The results of these DIY experiments range from opening up previously inaccessible features that were part of the chip design to producing the strange, disharmonic digital tones that became part of the techno music style. Companies take different attitudes towards such practices, ranging from open acceptance (such as Texas Instruments for its graphing calculators and Lego for its Lego Mindstorms robotics gear) to outright hostility (such as Microsoft's attempts to lock out Xbox hackers or the DRM routines on Blu-ray Disc players designed to sabotage compromised players).

Hacking Origin of term

The term was used by mathematician John Nash as a putdown. When he become a C.L.E Moore Instructor at Massachusetts Institute of Technology (MIT) in 1951, he brought this putdown with him.[1]

The term achieved widespread use in the 1960s and its meaning then evolved to a quick, elaborate and/or bodged solution students devised for a technical obstacle; it was used with hacker, meaning one who discovers and implements a hack. The word itself comes from the German word meaning "someone who makes furniture with an axe",[2] implying a lack of finesse in a "hack"; it is believed by many in the hacking community that the reason for this is because programs too large to run on the limited computer resources of the time had portions "chopped" or "hacked" out in order to be reduced to a more reasonable size.

See: MIT hacks

Over time, the meaning of the word there was expanded, perhaps through contact with the amateur radio community. It came to mean either a kludge, or the opposite of a kludge, as in a clever or elegant solution to a difficult problem. In the term "hack value" it also acquired a meaning of anything that was simultaneously fun and clever.

The initial hacker community at MIT, particularly those associated with the Tech Model Railroad Club, applied this pre-existing local slang to computer programming, producing the variant which first came into common use outside MIT.

Hack (technology)

Hack has several related meanings in the technology and computer science fields. It may refer to a clever or quick fix to a computer program problem, or to what may be perceived to be a clumsy or inelegant (but usually relatively quick) solution to a problem. The term is also used to refer to a modification of a program or device to give the user access to features that were otherwise unavailable, such as DIY circuit bending.

Hacking Points For Style

Again, to be a hacker, you have to enter the hacker mindset. There are some things you can do when you're not at a computer that seem to help. They're not substitutes for hacking (nothing is) but many hackers do them, and feel that they connect in some basic way with the essence of hacking.

  • Learn to write your native language well. Though it's a common stereotype that programmers can't write, a surprising number of hackers (including all the most accomplished ones I know of) are very able writers.

  • Read science fiction. Go to science fiction conventions (a good way to meet hackers and proto-hackers).

  • Train in a martial-arts form. The kind of mental discipline required for martial arts seems to be similar in important ways to what hackers do. The most popular forms among hackers are definitely Asian empty-hand arts such as Tae Kwon Do, various forms of Karate, Kung Fu, Aikido, or Ju Jitsu. Western fencing and Asian sword arts also have visible followings. In places where it's legal, pistol shooting has been rising in popularity since the late 1990s. The most hackerly martial arts are those which emphasize mental discipline, relaxed awareness, and control, rather than raw strength, athleticism, or physical toughness.

  • Study an actual meditation discipline. The perennial favorite among hackers is Zen (importantly, it is possible to benefit from Zen without acquiring a religion or discarding one you already have). Other styles may work as well, but be careful to choose one that doesn't require you to believe crazy things.

  • Develop an analytical ear for music. Learn to appreciate peculiar kinds of music. Learn to play some musical instrument well, or how to sing.

  • Develop your appreciation of puns and wordplay.

The more of these things you already do, the more likely it is that you are natural hacker material. Why these things in particular is not completely clear, but they're connected with a mix of left- and right-brain skills that seems to be important; hackers need to be able to both reason logically and step outside the apparent logic of a problem at a moment's notice.

Work as intensely as you play and play as intensely as you work. For true hackers, the boundaries between "play", "work", "science" and "art" all tend to disappear, or to merge into a high-level creative playfulness. Also, don't be content with a narrow range of skills. Though most hackers self-describe as programmers, they are very likely to be more than competent in several related skills — system administration, web design, and PC hardware troubleshooting are common ones. A hacker who's a system administrator, on the other hand, is likely to be quite skilled at script programming and web design. Hackers don't do things by halves; if they invest in a skill at all, they tend to get very good at it.

Finally, a few things not to do.

  • Don't use a silly, grandiose user ID or screen name.

  • Don't get in flame wars on Usenet (or anywhere else).

  • Don't call yourself a ‘cyberpunk’, and don't waste your time on anybody who does.

  • Don't post or email writing that's full of spelling errors and bad grammar.

The only reputation you'll make doing any of these things is as a twit. Hackers have long memories — it could take you years to live your early blunders down enough to be accepted.

The problem with screen names or handles deserves some amplification. Concealing your identity behind a handle is a juvenile and silly behavior characteristic of crackers, warez d00dz, and other lower life forms. Hackers don't do this; they're proud of what they do and want it associated with their real names. So if you have a handle, drop it. In the hacker culture it will only mark you as a loser.

The Hacker/Nerd Connection

Contrary to popular myth, you don't have to be a nerd to be a hacker. It does help, however, and many hackers are in fact nerds. Being something of a social outcast helps you stay concentrated on the really important things, like thinking and hacking.

For this reason, many hackers have adopted the label ‘geek’ as a badge of pride — it's a way of declaring their independence from normal social expectations (as well as a fondness for other things like science fiction and strategy games that often go with being a hacker). The term 'nerd' used to be used this way back in the 1990s, back when 'nerd' was a mild pejorative and 'geek' a rather harsher one; sometime after 2000 they switched places, at least in U.S. popular culture, and there is now even a significant geek-pride culture among people who aren't techies.

If you can manage to concentrate enough on hacking to be good at it and still have a life, that's fine. This is a lot easier today than it was when I was a newbie in the 1970s; mainstream culture is much friendlier to techno-nerds now. There are even growing numbers of people who realize that hackers are often high-quality lover and spouse material.

If you're attracted to hacking because you don't have a life, that's OK too — at least you won't have trouble concentrating. Maybe you'll get a life later on.

Status in the Hacker Culture

Status in the Hacker Culture

Like most cultures without a money economy, hackerdom runs on reputation. You're trying to solve interesting problems, but how interesting they are, and whether your solutions are really good, is something that only your technical peers or superiors are normally equipped to judge.

Accordingly, when you play the hacker game, you learn to keep score primarily by what other hackers think of your skill (this is why you aren't really a hacker until other hackers consistently call you one). This fact is obscured by the image of hacking as solitary work; also by a hacker-cultural taboo (gradually decaying since the late 1990s but still potent) against admitting that ego or external validation are involved in one's motivation at all.

Specifically, hackerdom is what anthropologists call a gift culture. You gain status and reputation in it not by dominating other people, nor by being beautiful, nor by having things other people want, but rather by giving things away. Specifically, by giving away your time, your creativity, and the results of your skill.

There are basically five kinds of things you can do to be respected by hackers:

Serve the hacker culture itself

Status in the Hacker Culture

Finally, you can serve and propagate the culture itself (by, for example, writing an accurate primer on how to become a hacker :-)). This is not something you'll be positioned to do until you've been around for while and become well-known for one of the first four things.

The hacker culture doesn't have leaders, exactly, but it does have culture heroes and tribal elders and historians and spokespeople. When you've been in the trenches long enough, you may grow into one of these. Beware: hackers distrust blatant ego in their tribal elders, so visibly reaching for this kind of fame is dangerous. Rather than striving for it, you have to sort of position yourself so it drops in your lap, and then be modest and gracious about your status.

Help keep the infrastructure working

Status in the Hacker Culture

The hacker culture (and the engineering development of the Internet, for that matter) is run by volunteers. There's a lot of necessary but unglamorous work that needs done to keep it going — administering mailing lists, moderating newsgroups, maintaining large software archive sites, developing RFCs and other technical standards.

People who do this sort of thing well get a lot of respect, because everybody knows these jobs are huge time sinks and not as much fun as playing with code. Doing them shows dedication.

Publish useful information

Status in the Hacker Culture

Another good thing is to collect and filter useful and interesting information into web pages or documents like Frequently Asked Questions (FAQ) lists, and make those generally available.

Maintainers of major technical FAQs get almost as much respect as open-source authors.

Help test and debug open-source software

Status in the Hacker Culture

They also serve who stand and debug open-source software. In this imperfect world, we will inevitably spend most of our software development time in the debugging phase. That's why any open-source author who's thinking will tell you that good beta-testers (who know how to describe symptoms clearly, localize problems well, can tolerate bugs in a quickie release, and are willing to apply a few simple diagnostic routines) are worth their weight in rubies. Even one of these can make the difference between a debugging phase that's a protracted, exhausting nightmare and one that's merely a salutary nuisance.

If you're a newbie, try to find a program under development that you're interested in and be a good beta-tester. There's a natural progression from helping test programs to helping debug them to helping modify them. You'll learn a lot this way, and generate good karma with people who will help you later on.

Write open-source software

Status in the Hacker Culture

The first (the most central and most traditional) is to write programs that other hackers think are fun or useful, and give the program sources away to the whole hacker culture to use.

(We used to call these works “free software”, but this confused too many people who weren't sure exactly what “free” was supposed to mean. Most of us now prefer the term “open-source” software).

Hackerdom's most revered demigods are people who have written large, capable programs that met a widespread need and given them away, so that now everyone uses them.

But there's a bit of a fine historical point here. While hackers have always looked up to the open-source developers among them as our community's hardest core, before the mid-1990s most hackers most of the time worked on closed source. This was still true when I wrote the first version of this HOWTO in 1996; it took the mainstreaming of open-source software after 1997 to change things. Today, "the hacker community" and "open-source developers" are two descriptions for what is essentially the same culture and population — but it is worth remembering that this was not always so.

Basic Hacking Skills

Basic Hacking Skills

The hacker attitude is vital, but skills are even more vital. Attitude is no substitute for competence, and there's a certain basic toolkit of skills which you have to have before any hacker will dream of calling you one.

This toolkit changes slowly over time as technology creates new skills and makes old ones obsolete. For example, it used to include programming in machine language, and didn't until recently involve HTML. But right now it pretty clearly includes the following:

If you don't have functional English, learn it.

Basic Hacking Skills

As an American and native English-speaker myself, I have previously been reluctant to suggest this, lest it be taken as a sort of cultural imperialism. But several native speakers of other languages have urged me to point out that English is the working language of the hacker culture and the Internet, and that you will need to know it to function in the hacker community.

Back around 1991 I learned that many hackers who have English as a second language use it in technical discussions even when they share a birth tongue; it was reported to me at the time that English has a richer technical vocabulary than any other language and is therefore simply a better tool for the job. For similar reasons, translations of technical books written in English are often unsatisfactory (when they get done at all).

Linus Torvalds, a Finn, comments his code in English (it apparently never occurred to him to do otherwise). His fluency in English has been an important factor in his ability to recruit a worldwide community of developers for Linux. It's an example worth following.

Being a native English-speaker does not guarantee that you have language skills good enough to function as a hacker. If your writing is semi-literate, ungrammatical, and riddled with misspellings, many hackers (including myself) will tend to ignore you. While sloppy writing does not invariably mean sloppy thinking, we've generally found the correlation to be strong — and we have no use for sloppy thinkers. If you can't yet write competently, learn to.

Learn how to use the World Wide Web and write HTML

Basic Hacking Skills

Most of the things the hacker culture has built do their work out of sight, helping run factories and offices and universities without any obvious impact on how non-hackers live. The Web is the one big exception, the huge shiny hacker toy that even politicians admit has changed the world. For this reason alone (and a lot of other good ones as well) you need to learn how to work the Web.

This doesn't just mean learning how to drive a browser (anyone can do that), but learning how to write HTML, the Web's markup language. If you don't know how to program, writing HTML will teach you some mental habits that will help you learn. So build a home page. Try to stick to XHTML, which is a cleaner language than classic HTML. (There are good beginner tutorials on the Web; here's one.)

But just having a home page isn't anywhere near good enough to make you a hacker. The Web is full of home pages. Most of them are pointless, zero-content sludge — very snazzy-looking sludge, mind you, but sludge all the same (for more on this see The HTML Hell Page).

To be worthwhile, your page must have content — it must be interesting and/or useful to other hackers. And that brings us to the next topic..

Get one of the open-source Unixes and learn to use and run it.

Basic Hacking Skills

I'll assume you have a personal computer or can get access to one. (Take a moment to appreciate how much that means. The hacker culture originally evolved back when computers were so expensive that individuals could not own them.) The single most important step any newbie can take toward acquiring hacker skills is to get a copy of Linux or one of the BSD-Unixes or OpenSolaris, install it on a personal machine, and run it.

Yes, there are other operating systems in the world besides Unix. But they're distributed in binary — you can't read the code, and you can't modify it. Trying to learn to hack on a Microsoft Windows machine or under any other closed-source system is like trying to learn to dance while wearing a body cast.

Under Mac OS X it's possible, but only part of the system is open source — you're likely to hit a lot of walls, and you have to be careful not to develop the bad habit of depending on Apple's proprietary code. If you concentrate on the Unix under the hood you can learn some useful things.

Unix is the operating system of the Internet. While you can learn to use the Internet without knowing Unix, you can't be an Internet hacker without understanding Unix. For this reason, the hacker culture today is pretty strongly Unix-centered. (This wasn't always true, and some old-time hackers still aren't happy about it, but the symbiosis between Unix and the Internet has become strong enough that even Microsoft's muscle doesn't seem able to seriously dent it.)

So, bring up a Unix — I like Linux myself but there are other ways (and yes, you can run both Linux and Microsoft Windows on the same machine). Learn it. Run it. Tinker with it. Talk to the Internet with it. Read the code. Modify the code. You'll get better programming tools (including C, LISP, Python, and Perl) than any Microsoft operating system can dream of hosting, you'll have fun, and you'll soak up more knowledge than you realize you're learning until you look back on it as a master hacker.

For more about learning Unix, see The Loginataka. You might also want to have a look at The Art Of Unix Programming.

To get your hands on a Linux, see the Linux Online! site; you can download from there or (better idea) find a local Linux user group to help you with installation.

During the first ten years of this HOWTO's life, I reported that from a new user's point of view, all Linux distributions are almost equivalent. But in 2006-2007, an actual best choice emerged: Ubuntu. While other distros have their own areas of strength, Ubuntu is far and away the most accessible to Linux newbies.

You can find BSD Unix help and resources at www.bsd.org.

A good way to dip your toes in the water is to boot up what Linux fans call a live CD, a distribution that runs entirely off a CD without having to modify your hard disk. This will be slow, because CDs are slow, but it's a way to get a look at the possibilities without having to do anything drastic.

I have written a primer on the basics of Unix and the Internet.

I used to recommend against installing either Linux or BSD as a solo project if you're a newbie. Nowadays the installers have gotten good enough that doing it entirely on your own is possible, even for a newbie. Nevertheless, I still recommend making contact with your local Linux user's group and asking for help. It can't hurt, and may smooth the process.

Learn how to Program

Basic Hacking Skills

This, of course, is the fundamental hacking skill. If you don't know any computer languages, I recommend starting with Python. It is cleanly designed, well documented, and relatively kind to beginners. Despite being a good first language, it is not just a toy; it is very powerful and flexible and well suited for large projects. I have written a more detailed evaluation of Python. Good tutorials are available at the Python web site.

I used to recommend Java as a good language to learn early, but this critique has changed my mind (search for “The Pitfalls of Java as a First Programming Language” within it). A hacker cannot, as they devastatingly put it “approach problem-solving like a plumber in a hardware store”; you have to know what the components actually do. Now I think it is probably best to learn C and Lisp first, then Java.

If you get into serious programming, you will have to learn C, the core language of Unix. C++ is very closely related to C; if you know one, learning the other will not be difficult. Neither language is a good one to try learning as your first, however. And, actually, the more you can avoid programming in C the more productive you will be.

C is very efficient, and very sparing of your machine's resources. Unfortunately, C gets that efficiency by requiring you to do a lot of low-level management of resources (like memory) by hand. All that low-level code is complex and bug-prone, and will soak up huge amounts of your time on debugging. With today's machines as powerful as they are, this is usually a bad tradeoff — it's smarter to use a language that uses the machine's time less efficiently, but your time much more efficiently. Thus, Python.

Other languages of particular importance to hackers include Perl and LISP. Perl is worth learning for practical reasons; it's very widely used for active web pages and system administration, so that even if you never write Perl you should learn to read it. Many people use Perl in the way I suggest you should use Python, to avoid C programming on jobs that don't require C's machine efficiency. You will need to be able to understand their code.

LISP is worth learning for a different reason — the profound enlightenment experience you will have when you finally get it. That experience will make you a better programmer for the rest of your days, even if you never actually use LISP itself a lot. (You can get some beginning experience with LISP fairly easily by writing and modifying editing modes for the Emacs text editor, or Script-Fu plugins for the GIMP.)

It's best, actually, to learn all five of Python, C/C++, Java, Perl, and LISP. Besides being the most important hacking languages, they represent very different approaches to programming, and each will educate you in valuable ways.

But be aware that you won't reach the skill level of a hacker or even merely a programmer simply by accumulating languages — you need to learn how to think about programming problems in a general way, independent of any one language. To be a real hacker, you need to get to the point where you can learn a new language in days by relating what's in the manual to what you already know. This means you should learn several very different languages.

I can't give complete instructions on how to learn to program here — it's a complex skill. But I can tell you that books and courses won't do it — many, maybe most of the best hackers are self-taught. You can learn language features — bits of knowledge — from books, but the mind-set that makes that knowledge into living skill can be learned only by practice and apprenticeship. What will do it is (a) reading code and (b) writing code.

Peter Norvig, who is one of Google's top hackers and the co-author of the most widely used textbook on AI, has written an excellent essay called Teach Yourself Programming in Ten Years. His "recipe for programming success" is worth careful attention.

Learning to program is like learning to write good natural language. The best way to do it is to read some stuff written by masters of the form, write some things yourself, read a lot more, write a little more, read a lot more, write some more ... and repeat until your writing begins to develop the kind of strength and economy you see in your models.

Finding good code to read used to be hard, because there were few large programs available in source for fledgeling hackers to read and tinker with. This has changed dramatically; open-source software, programming tools, and operating systems (all built by hackers) are now widely available. Which brings me neatly to our next topic...


ShoutMix chat widget