Re: Cyberterrorism hype

[mea culpa <jericho () DIMENSIONAL COM>]

Reply From: edison <edison () dhp com>

> Forwarded From: Johan.Ingles () janes co uk
> http://jir.janes.com/sample/jir0525.html
>
> Nothing gets a hacker's back up quicker than someone confusing a hacker
> with cracker. The term 'hacker' refers to an individual who programmes
> enthusiastically (even obsessively), enjoys programming or is especially
> good at programming; a 'cracker' is somebody who breaks into another's
> computer systems or digs into their code (to make a copy-protected
> programme run). Yet the boundaries have become somewhat blurred and the
> popular understanding of these terms is is quite wrong: ever since
> Hollywood produced 'Wargames', based on Kevin Mitnic's cracking activities
> (known as 'exploits'), the term 'hacking' has become synonymous with
> unauthorised access into restricted systems - which is 'cracking'. In
> today's world, such activity also includes the deliberate defacement of
> websites. Hackers are quick to point out that there is a code of hacker
> ethics that precludes any profit from the activity - the only motive is
> the activity itself - but they are not naïve: realising the potential for
> misuse, they divide themselves into 'white-hat' hackers (ethical hackers)
> and 'black-hat' hackers (crackers). 

"Nothing gets a hacker's back up quicker than someone confusing a
hacker with a cracker."

I couldn't agree more.  Unfortunately, you've gotten my back up.  I
don't know where the idea first came from, but the re-titling of the
hacker and the cracker really does get our collective goats.

I am a hacker.  I was a hacker before WarGames came out in '83.  I would
get lists of access numbers from local and national BBSes.  I would dial
into these systems from my Apple ][ with a 300 baud modem.  I would gain
unauthorized access to them and then do nothing more than learn as much
about that system's OS as I could fit into my 13 year-old brain.

When PC Pursuit came out, not only did we hackers figure out how to
access their outdial modems to call up our favorite board, but we soon
realized there was more to this network than was advertised.  For many
of us, it was our first exposure to networked computers, and that
notion itself was enough to keep us up at night.

I, along with my hacking colleagues, had no qualms about profiting from
our hacking.  But the profit we made was knowledge.  Most of us didn't
know about the guys at MIT rewiring their model trains and DECs until
Steven Levy wrote about them, but immediately felt a kinship to these
early pioneers.  Both groups were driven by the pursuit of knowledge,
but we had to learn to pick electronic locks instead of physical ones,
to gain access to the resources needed to further our goals.

But even in our day there were unethical hackers.  They would pursue
the wrong kinds of knowledge, such as personal information, or would
abuse the power gleaned from already attained skill.  They did things
that the majority of the hackers frowned upon, but never for an
instant did we not consider them hackers.  Just like a politician can
use his clout and charisma to enact both right or wrong, a hacker can
use his skill to make a system run better or harrass the sys admin.




I am also a cracker.  I was a cracker before WarGames came out in '83.
I would copy software from friends at school or the local computer
store.  I would examine the copy protection on these programs with my
Apple ][ and a sector editor.  I would reverse engineer this
protection and defeat it and then do nothing more then post it on a
local BBS for download, or use the game or program myself because my
$10-a-week allowance couldn't buy much in the way of software.

I, along with my cracking colleagues, had no qualms about profiting
from our cracking.  But the profit we made was knowledge.  Most of us
knew hackers or were hackers ourselves, and felt a kinship with them.
Both groups were driven by the thrill of using self-acquired technical
skill to circumvent protection schemes, but we had to learn how to
disassemble copy-protection code instead of a passcode, to further our
goals.

But even in our day there were unethical crackers.  They would sell
pirated software or would take credit on a crack page for a crack they
didn't do.  They did things that the majority of the crackers frowned
upon, but never for an instant did we not consider them crackers.



Not everyone that breaks into a computer system is a hacker.  Someone
that downloads an exploit off the net ( which, by the way, is not a
Kevin Mitnick activity, but rather a program that automatically takes
advantage of a vulnerability in a system ), without caring what makes
it tick, and uses it to break into a web server to put his group's
name in lights, could hardly be called a hacker.

Likewise, not everyone that defeats copy protection is a cracker.
Someone that grabs a serial number off the net, without caring how
that serial number was generated, and uses it to register software
that he doesn't want to buy, could hardly be called a cracker.

In summary, a hacker breaks into computer systems and a cracker
defeats software copy proctection.  Sure, I can hack some source code
to make it run better, but in that capacity I'm a coder, not a hacker.
If you doubt what I'm saying, go buy the LOD's hacker BBS logs or read
the essays on Fravia's Page of Reverse Engineering.  Don't take what
you read in the press as authoritative.  Instead, do a bit of digging
and talk to the people you are mislabeling.

Here endeth the lesson.

-edison

ISN is sponsored by Security-Focus.COM