Information Security News mailing list archives
Re: The good and bad of computer hacking
From: InfoSec News <isn () c4i org>
Date: Fri, 13 Dec 2002 04:46:55 -0600 (CST)
Forwarded from: Thomas C. Greene <tcgreene () bellatlantic net> i've always been dissatisfied with the vagueness of both terms, hacking and cracking. neither says anything about motivation. since i used to write about this stuff a great deal, i came up with a scheme that makes sense - at least to me. i'd like to share it for what it's worth. to give my own column some consistency, i decided that both words should be neutral in terms of motive. that is, hacker or cracker is not a synonym for 'computer criminal', but malicious hacker or malicious cracker might be. we could distinguish between a hacker and a cracker by saying that hacking is a very general term referring to any exploration of software or hardware or a system where one hasn't got the source code, the schematics, or the layout. so hacking is learning about a closed system by essentially 'fiddling about in the dark' until something unexpected happens, followed by an analysis of why that should be, leading to further experimenting and ultimately to insight about how the thing we're looking at works. thus hacking is both empirical and analytical, sharing much with the scientific method. often, hacking leads to useful modifications of existing software, hardware or systems, which the designers didn't anticipate. this can be good or bad depending on the hacker's motives. 'cracker' was a poor attempt at distinguishing 'hacker' from 'criminal' - an association the mainstream press was all too eager to make. to me a cracker is an offensively-white dork like trent lott, but that's a topic for another rant. i never thought we needed the term cracking in the technology lexicon, but we're stuck with it now so i suppose we can use it to indicate a particular subset of hacking, that is to defeat electronic security measures. we've always spoken of 'cracking' a passfile, say, or a cipher, so it makes sense to use cracking to indicate the electronic equivalent of picking locks. again, this can be done merely to illustrate security flaws, or to steal something protected electronically. a cracker can do good or bad depending on his motives. we still need a modifier to indicate motive. 'black hat' and 'white hat' are already cluttering the lexicon, so why not put them to use? thus one might be a black hat hacker, or a white hat cracker, depending on what one hopes to accomplish. t. On Thursday 12 December 2002 3:50 am, InfoSec News wrote:
Forwarded from: Robert G. Ferrell <rferrell () texas net> At 02:23 AM 12/11/02 -0600, you wrote:In early October, I wrote a column about how words influence the way we view and act upon situations. I made specific reference to the word "hacker" and how the word seems innocent, even cute. But I said it actually describes an action that is criminal.If you think "hacker" is innocent or cute, you need to spend some time with Mr. Webster: "One who cuts or severs with repeated irregular or unskillful blows" "One who cuts or shapes by or as if by crude or ruthless strokes" Charming. Of course, the same dictionary now lists hacking as "gaining access to a computer illegally," but that is the direct result of the persistent misuse of the term by a careless and lazy press, more interested in sensationalism than, say, accuracy.
[...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- The good and bad of computer hacking InfoSec News (Dec 11)
- <Possible follow-ups>
- Re: The good and bad of computer hacking InfoSec News (Dec 12)
- Re: The good and bad of computer hacking InfoSec News (Dec 13)
- Re: The good and bad of computer hacking InfoSec News (Dec 16)