Thursday, June 12, 2008
Tuesday, June 3, 2008
What is hacking?
Hacking is unauthorized use of computer and network resources. (The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.)Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an ethical hacker and an organization, it's OK. The key difference is that the ethical hacker has authorization to probe the target.We work with IBM Consulting and its customers to design and execute thorough evaluations of their computer and network security. Depending on the evaluation they request (ranging from Web server probes to all-out attacks), we gather as much information as we can about the target from publicly available sources. As we learn more about the target, its subsidiaries and network connectivity, we begin to probe for weaknesses. Examples of weaknesses include poor configuration of Web servers, old or unpatched software, disabled security controls, and poorly chosen or default passwords. As we find and exploit vulnerabilities, we document if and how we gained access, as well as if anyone at the organization noticed. (In nearly all the cases, the Information Syhstems department is not informed of these planned attacks.) Then we work with the customer to address the issues we've discovered.The number of really gifted hackers in the world is very small, but there are lots of wannabes.... When we do an ethical hack, we could be holding the keys to that company once we gain access. It's too great a risk for our customers to be put in a compromising position. With access to so many systems and so much information, the temptation for a former hacker could be too great -- like a kid in an unattended candy store.
What Is a Hacker?
The Jargon File contains a bunch of definitions of the term ‘hacker’, most having to do with technical adeptness and a delight in solving problems and overcoming limits. If you want to know how to become a hacker, though, only two are really relevant.
There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers run Usenet. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you're a hacker.
The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music — actually, you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them ‘hackers’ too — and some claim that the hacker nature is really independent of the particular medium the hacker works in. But in the rest of this document we will focus on the skills and attitudes of software hackers, and the traditions of the shared culture that originated the term ‘hacker’.
There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.
The basic difference is this: hackers build things, crackers break them.
If you want to be a hacker, keep reading. If you want to be a cracker, go read the alt.2600 newsgroup and get ready to do five to ten in the slammer after finding out you aren't as smart as you think you are. And that's all I'm going to say about crackers.
Hacking is unauthorized use of computer and network resources. (The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.)Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an ethical hacker and an organization, it's OK. The key difference is that the ethical hacker has authorization to probe the target.We work with IBM Consulting and its customers to design and execute thorough evaluations of their computer and network security. Depending on the evaluation they request (ranging from Web server probes to all-out attacks), we gather as much information as we can about the target from publicly available sources. As we learn more about the target, its subsidiaries and network connectivity, we begin to probe for weaknesses. Examples of weaknesses include poor configuration of Web servers, old or unpatched software, disabled security controls, and poorly chosen or default passwords. As we find and exploit vulnerabilities, we document if and how we gained access, as well as if anyone at the organization noticed. (In nearly all the cases, the Information Syhstems department is not informed of these planned attacks.) Then we work with the customer to address the issues we've discovered.The number of really gifted hackers in the world is very small, but there are lots of wannabes.... When we do an ethical hack, we could be holding the keys to that company once we gain access. It's too great a risk for our customers to be put in a compromising position. With access to so many systems and so much information, the temptation for a former hacker could be too great -- like a kid in an unattended candy store.
What Is a Hacker?
The Jargon File contains a bunch of definitions of the term ‘hacker’, most having to do with technical adeptness and a delight in solving problems and overcoming limits. If you want to know how to become a hacker, though, only two are really relevant.
There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers run Usenet. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you're a hacker.
The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music — actually, you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them ‘hackers’ too — and some claim that the hacker nature is really independent of the particular medium the hacker works in. But in the rest of this document we will focus on the skills and attitudes of software hackers, and the traditions of the shared culture that originated the term ‘hacker’.
There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.
The basic difference is this: hackers build things, crackers break them.
If you want to be a hacker, keep reading. If you want to be a cracker, go read the alt.2600 newsgroup and get ready to do five to ten in the slammer after finding out you aren't as smart as you think you are. And that's all I'm going to say about crackers.
Talk:HACK
Hacker attitudes
The term "Hacker" may mean simply a person with mastery of computers; however the mass media most often uses "Hacker" as synonymous with a (usually criminal) computer intruder. See hacker, and Hacker definition controversy. In computer security, several subgroups with different attitudes and aims use different terms to demarcate themselves from each other, or try to exclude some specific group which which they do not agree.
White hat
Main article:White hat A white hat hacker or ethical hacker is someone who breaks security but who does so for altruistic or at least non-malicious reasons. White hats generally have a clearly defined code of ethics, and will often attempt to work with a manufacturer or owner to improve discovered security weaknesses, although many reserve the implicit or explicit threat of public disclosure after a "reasonable" time as a prod to ensure timely response from a corporate entity. The term is also used to describe hackers who work to deliberately design and code more secure systems. To white hats, the darker the hat, the more the ethics of the activity can be considered dubious. Conversely, black hats may claim the lighter the hat, the more the ethics of the activity are lost.
Grey hat
Main article: Grey hat A grey hat hacker is a hacker of ambiguous ethics and/or borderline legality, often frankly admitted.
Blue Hat
Main article: Blue Hat A blue hat hacker is someone outside computer security consulting firms that are used to bug test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.
Black Hat
Main article: Black Hat A black hat hacker is someone who subverts computer security without authorization or who uses technology (usually a computer or the Internet) for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, or many other types of crime. This can mean taking control of a remote computer through a network, or software cracking.
Script kiddie
Main article: Script kiddie Script kiddie is a pejorative term for a computer intruder with little or no skill; a person who simply follows directions or uses a cook-book approach without fully understanding the meaning of the steps they are performing.
Hacktivist
Main article: hacktivism A hacktivist is a hacker who utilizes technology to announce a political message. Web vandalism is not necessarily hacktivism.
Spoofing attack
Main article: Spoofing attack A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining illegitimate access.
Rootkit
Main article: Rootkit A rootkit is a toolkit for hiding the fact that a computer's security has been compromised, is a general description of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Root kits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
Trojan horse
Main article: Trojan horse (computing) A Trojan horse is a program designed as to seem to being or be doing one thing, such as a legitimate software, but actually being or doing another. They are not necessarily malicious programs but can be. A trojan horse can be used to set up a back door in a computer system so that the intruder can return later and gain access. Viruses that fool a user into downloading and/or executing them by pretending to be useful applications are also sometimes called trojan horses. (The name refers to the horse from the Trojan War, with conceptually similar function of deceiving defenders into bringing an intruder inside.) See also Dialer.
Virus
Main article: Computer virus A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.
Worm
Main article: Computer worm Like a virus, a worm is also a self-replicating program. The difference between a virus and a worm is that a worm does not create multiple copies of itself on one system: it propagates through computer networks. After the comparison between computer viruses and biological viruses, the obvious comparison here is to a bacterium. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program. It is possible for a program to have the blunt characteristics of both a worm and a virus.
Merging
I think that's a spectacularly bad idea. First, there are a number of meanings to "hacking" that don't apply to "hack", and vice versa (e.g. one doesn't normally think of calling the activities of either hack writers or party hacks as hacking; and the action one does when one slashes with a machete isn't a hack), without even getting into things like Hack (television series), not to mention the use of "hack" as a noun ("clever hack") and a verb ("he started to hack because of his flu"). Second, each of these lists is long enough already; joining the two is going to produce a massive mess. We've got enough trouble already with all the subtly different meanings of "hack", "hacker" and "hacking" as they relate to technology (over the spectrium from clever tricks -> unauthorized modifications -> criminal activity), let's not make it worse, huh? Noel (talk) 23:43, 20 July 2005 (UTC) OTOH, there is a fair bit of duplication across the two pages... Graham 00:28, 21 July 2005 (UTC) Absolutely; there's no "perfect" solution. Yes, the duplication is not good, but the disadvantages of a merged page outweigh the disadvantages of the two separate pages. Noel (talk) 19:28, 24 July 2005 (UTC) The best solution, IMHO, is to merge hacking into hack and to contentualize terms that are only used in the form "hacking" and not "hack". -Sean Curtin 00:56, August 30, 2005 (UTC) Hacking, Hacker, and Hack are not all the same thing. Like a book used to steady a table or a gun used to open a door, a hack is a expression of a deep understanding of what is possible and what is not. A hacker has a fierce desire to know more about this, and understands that just because something may be meant for one thing does not mean it can not be used for another. In the computer world these skill sets manifest as the ability to code and build computers from parts, in music they manifest as the ability to restring a guitar or use a reverb to get more base. All things have hackers, just as there is a hack in all things. Tis need to be a point made in each artical, and the idea of a Hacker only being a computer thing needs to be addressed. There are music hackers too you know, and electical hackers, writing hackers. -User:Belgarath_TS There should be no merge. The idea that hacking is primarily a computer term, is a classic POV of the type which the page Wikipedia:WikiProject Countering systemic bias was created to warn against. For those in the horse riding comunity the words hack and hacking have a completly different meaning, using google: about 131,000 English pages for Hacking horse site:uk. about 533,000 English pages for Hacking computer site:uk. --
Hack
I was browsing a site for antique cars and the reference was made for a 1915 Model T "Hack". Well, the reference was NOT for a taxi but rather some sort of flat bed, pickup, closed cab type truck. It may have been some sort of farm vehicle. Is there anyone out there who can clarify what a "hack" is when used in this application? —
Taxi Driving
Hey guys. To 'hack' or 'hacking' can also mean driving a taxi for a taxi company, especially when you don't own the taxi. I think this is seperate from hackney carriage, so I put this definition underneath it.
Hacker
In a security context, a Hacker is someone involved in computer security/insecurity, specializing in the discovery of exploits in systems (for exploitation or prevention), or in obtaining or preventing unauthorized access to systems through skills, tactics and detailed knowledge. In the most common general form of this usage, "hacker" refers to a black-hat hacker (a malicious or criminal hacker). There are also ethical hackers (more commonly referred to as white hats), and those more ethically ambiguous (grey hats). To disambiguate the term hacker, often cracker is used instead, referring either to computer security hacker culture as a whole to demarcate it from the academic hacker culture (such as by Eric S. Raymond[1]) or specifically to make a distinction within the computer security context between black-hat hackers and the more ethically positive hackers (commonly known as the white-hat hackers). The context of computer security hacking forms a subculture which is often referred to as the network hacker subculture or simply the computer underground. According to its adherents, cultural values center around the idea of creative and extraordinary computer usage. Proponents claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them.
Subscribe to:
Posts (Atom)
