Hacker (computer security)
Encyclopedia
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge. The subculture that has evolved around hackers is often referred to as the computer underground but it is now an open community.
While other uses of the word hacker exist that are not related to computer security, they are rarely used in mainstream context. They are subject to the long standing hacker definition controversy about the true meaning of the term hacker. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called a cracker, not making a difference between computer criminals (black hats) and computer security experts (white hats). Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers.
traces part of the roots of the computer underground to the Yippies, a 1960s counterculture movement which published the Technological Assistance Program (TAP) newsletter. TAP was a phone phreaking
newsletter that taught the techniques necessary for the unauthorized exploration of the phone network. Many people from the phreaking community are also active in the hacking community even today, and vice versa.
speak. Political attitude usually includes views for freedom of information, freedom of speech, a right for anonymity and most have a strong opposition against copyright. Writing programs and performing other activities to support these views is referred to as hacktivism
. Some go as far as seeing illegal cracking ethically justified for this goal; a common form is website defacement
. The computer underground is frequently compared to the Wild West. It is common among hackers to use aliases for the purpose of concealing identity, rather than revealing their real names.
(Summer), DEF CON
, HoHoCon
(Christmas), ShmooCon (February), BlackHat, Hacker Halted, and H.O.P.E.
. In the early 1980s Hacker Groups became popular, Hacker groups provided access to information and resources, and a place to learn from other members. Hackers could also gain credibility by being affiliated with an elite group.
(author of The New Hacker's Dictionary
) advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker/cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat, grey hat
, black hat
and script kiddie
. In contrast to Raymond, they usually reserve the term cracker. According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system". These subgroups may also be defined by the legal status of their activities.
White hat
Black hat
Part 1 Targeting
Targeting is when the hacker determines what network to break into. The target may be of particular interest to the hacker, or the hacker may "Port Scan" a network to determine if it is vulnerable to attacks. A port is defined as "an opening through which the computer receives data via the network". Open ports will allow a hacker to access the system.
Part 2 Research and Information Gathering
It is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system. The main way that hackers get desired results from this stage is from Social Engineering, which will be explained below. Aside from Social Engineering hackers can also use a technique called Dumpster Diving. Dumpster Diving is when a hacker will literally dive into a dumpster in hopes to find documents that users have thrown away, which will help them gain access to a network.
Grey hat
Elite hacker
Script kiddie
Neophyte
Blue hat
Hacktivist
In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.
, Cross Site Scripting and Cross Site Request Forgery which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through FTP, HTTP, PHP
, SSH
, Telnet
and some web-pages. These are very common in website/domain hacking.
Password cracking
Packet sniffer
Spoofing attack (Phishing)
Rootkit
Social engineering
When a Hacker, typically a black hat, is in the second stage of the targeting process, he or she will typically use some social engineering tactics to get enough information to access the network. A common practice for hackers who use this technique, is to contact the system administrator and play the role of a user who cannot get access to his or her system. Hackers who use this technique have to be quite savvy and choose the words they use carefully, in order to trick the system administrator into giving them information. In some cases only an employed help desk user will answer the phone and they are generally easy to trick. Another typical hacker approach is for the hacker to act like a very angry supervisor and when the his/her authority is questioned they will threaten the help desk user with their job. Social Engineering is so effective because users are the most vulnerable part of an organization. All the security devices and programs in the world won't keep an organization safe if an employee gives away a password. Black Hat Hackers take advantage of this fact. Social Engineering can also be broken down into four sub-groups. These are intimidation, helpfulness, technical, and name-dropping.
Trojan horses
Viruses
Worms
Key loggers
, Hakin9
and 2600: The Hacker Quarterly
. While the information contained in hacker magazines and ezines was often outdated, they improved the reputations of those who contributed by documenting their successes.
and cyberculture
literature and movies. Absorption of fictional pseudonym
s, symbols, values, and metaphor
s from these fictional works is very common.
Books portraying hackers:
Films also portray hackers:
Computer hacking
While other uses of the word hacker exist that are not related to computer security, they are rarely used in mainstream context. They are subject to the long standing hacker definition controversy about the true meaning of the term hacker. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called a cracker, not making a difference between computer criminals (black hats) and computer security experts (white hats). Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers.
History
Bruce SterlingBruce Sterling
Michael Bruce Sterling is an American science fiction author, best known for his novels and his work on the Mirrorshades anthology, which helped define the cyberpunk genre.-Writings:...
traces part of the roots of the computer underground to the Yippies, a 1960s counterculture movement which published the Technological Assistance Program (TAP) newsletter. TAP was a phone phreaking
Phreaking
Phreaking is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks. As telephone networks have become computerized, phreaking has become closely...
newsletter that taught the techniques necessary for the unauthorized exploration of the phone network. Many people from the phreaking community are also active in the hacking community even today, and vice versa.
Artifacts and customs
The computer underground has produced its own slang and various forms of unusual alphabet use, for example 1337Leet
Leet , also known as eleet or leetspeak, is an alternative alphabet for the English language that is used primarily on the Internet. It uses various combinations of ASCII characters to replace Latinate letters...
speak. Political attitude usually includes views for freedom of information, freedom of speech, a right for anonymity and most have a strong opposition against copyright. Writing programs and performing other activities to support these views is referred to as hacktivism
Hacktivism
Hacktivism is the use of computers and computer networks as a means of protest to promote political ends. The term was first coined in 1994 by a member of the Cult of the Dead Cow hacker collective named Omega...
. Some go as far as seeing illegal cracking ethically justified for this goal; a common form is website defacement
Website defacement
A website defacement is an attack on a website that changes the visual appearance of the site or a webpage. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own....
. The computer underground is frequently compared to the Wild West. It is common among hackers to use aliases for the purpose of concealing identity, rather than revealing their real names.
Hacker groups and conventions
The computer underground is supported by regular real-world gatherings called hacker conventions or "hacker cons". These draw many people every year including SummerConSummercon
Summercon is one of the oldest hacker conventions. It helped set a precedent for more modern "cons" such as H.O.P.E. and DEF CON, although it has remained smaller and more personal, and has been hosted in cities such as Pittsburgh, St. Louis, Atlanta, Washington, D.C., Austin, and Amsterdam....
(Summer), DEF CON
DEF CON
DEF CON is one of the world's largest annual computer hacker conventions, held every year in Las Vegas, Nevada...
, HoHoCon
HoHoCon
HoHoCon was a conference series which took place shortly before or after Christmas in Houston, Texas, sponsored by Drunkfux and the hacker ezine CULT OF THE DEAD COW. The fourth and fifth HoHoCons were also sponsored by Phrack magazine and took place in Austin, Texas...
(Christmas), ShmooCon (February), BlackHat, Hacker Halted, and H.O.P.E.
H.O.P.E.
HOPE is a conference series sponsored by the hacker magazine 2600: The Hacker Quarterly. Held biennially in the summer, there have been eight conferences to date with the next scheduled for 13 - 15 July 2012.- HOPE: Hackers On...
. In the early 1980s Hacker Groups became popular, Hacker groups provided access to information and resources, and a place to learn from other members. Hackers could also gain credibility by being affiliated with an elite group.
Hacker attitudes
Several subgroups of the computer underground with different attitudes and aims use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree. Eric S. RaymondEric S. Raymond
Eric Steven Raymond , often referred to as ESR, is an American computer programmer, author and open source software advocate. After the 1997 publication of The Cathedral and the Bazaar, Raymond was for a number of years frequently quoted as an unofficial spokesman for the open source movement...
(author of The New Hacker's Dictionary
Jargon File
The Jargon File is a glossary of computer programmer slang. The original Jargon File was a collection of terms from technical cultures such as the MIT AI Lab, the Stanford AI Lab and others of the old ARPANET AI/LISP/PDP-10 communities, including Bolt, Beranek and Newman, Carnegie Mellon...
) advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker/cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat, grey hat
Grey hat
A grey hat, in the hacking community, refers to a skilled hacker whose activities fall somewhere between white and black hat hackers on a variety of spectra. It may relate to whether they sometimes arguably act illegally, though in good will, or to show how they disclose vulnerabilities...
, black hat
Black hat
A black hat is the villain or bad guy, especially in a western movie in which such a character would stereotypically wear a black hat in contrast to the hero's white hat, especially in black and white movies....
and script kiddie
Script kiddie
A script kiddie or skiddie, occasionally skid, script bunny, script kitty, script-running juvenile or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks and deface websites.-Characteristics:In a Carnegie...
. In contrast to Raymond, they usually reserve the term cracker. According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system". These subgroups may also be defined by the legal status of their activities.
White hat
- A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system.The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessmentVulnerability assessmentA vulnerability assessment is the process of identifying, quantifying, and prioritizing the vulnerabilities in a system. Examples of systems for which vulnerability assessments are performed include, but are not limited to, information technology systems, energy supply systems, water supply...
s within a contractual agreement. Often, this type of 'white hat' hacker is called an ethical hacker. The International Council of Electronic Commerce Consultants, also known as the EC-Council has developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.
Black hat
- A Black Hat Hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain"(Moore,2005). Black Hat Hackers are "the epitome of all that the public fears in a computer criminal". Black Hat Hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network. The way Black Hat Hackers choose the networks that they are going to break into is by a process that can be broken down into two parts. This is called the pre-hacking stage.
Part 1 Targeting
Targeting is when the hacker determines what network to break into. The target may be of particular interest to the hacker, or the hacker may "Port Scan" a network to determine if it is vulnerable to attacks. A port is defined as "an opening through which the computer receives data via the network". Open ports will allow a hacker to access the system.
Part 2 Research and Information Gathering
It is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system. The main way that hackers get desired results from this stage is from Social Engineering, which will be explained below. Aside from Social Engineering hackers can also use a technique called Dumpster Diving. Dumpster Diving is when a hacker will literally dive into a dumpster in hopes to find documents that users have thrown away, which will help them gain access to a network.
Grey hat
- A grey hatGrey hatA grey hat, in the hacking community, refers to a skilled hacker whose activities fall somewhere between white and black hat hackers on a variety of spectra. It may relate to whether they sometimes arguably act illegally, though in good will, or to show how they disclose vulnerabilities...
hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.
Elite hacker
- A social statusAchieved statusAchieved status is a sociological term denoting a social position that a person can acquire on the basis of merit; it is a position that is earned or chosen. It is the opposite of ascribed status. It reflects personal skills, abilities, and efforts...
among hackers, elite is used to describe the most skilled. Newly discovered exploitsExploit (computer security)An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic...
will circulate among these hackers. Elite groups such as Masters of DeceptionMasters of DeceptionMasters of Deception was a New York-based hacker group. MOD reportedly controlled all the major telephone RBOC's and X.25 networks as well as controlling large parts of the backbone of the rapidly emerging Internet....
conferred a kind of credibility on their members.
Script kiddie
- A script kiddieScript kiddieA script kiddie or skiddie, occasionally skid, script bunny, script kitty, script-running juvenile or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks and deface websites.-Characteristics:In a Carnegie...
(or skiddie) is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept—hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an individual lacking knowledge and experience, immature).
Neophyte
- A neophyte, "n00b", or "newbieNewbieNewbie or noob is a slang term for a novice or newcomer, or somebody inexperienced in any profession or activity. Contemporary use can particularly refer to a beginner or new user of computers, often concerning Internet activity, such as online gaming or Linux use...
" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology, and hacking.
Blue hat
- A blue hatBlueHatBlueHat or Blue Hat is a term used to refer to outside computer security consulting firms that are employed to bug test a system prior to its launch, looking for exploits so they can be closed...
hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed. MicrosoftMicrosoftMicrosoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
also uses the term BlueHat to represent a series of security briefing events.
Hacktivist
- A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivismHacktivismHacktivism is the use of computers and computer networks as a means of protest to promote political ends. The term was first coined in 1994 by a member of the Cult of the Dead Cow hacker collective named Omega...
involves website defacement or denial-of-service attackDenial-of-service attackA denial-of-service attack or distributed denial-of-service attack is an attempt to make a computer resource unavailable to its intended users...
s.
Attacks
A typical approach in an attack on Internet-connected system is:- Network enumeration: Discovering information about the intended target.
- Vulnerability analysisVulnerability (computing)In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...
: Identifying potential ways of attack. - ExploitationExploitationThis article discusses the term exploitation in the meaning of using something in an unjust or cruel manner.- As unjust benefit :In political economy, economics, and sociology, exploitation involves a persistent social relationship in which certain persons are being mistreated or unfairly used for...
: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.
In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.
Security exploits
A security exploit is a prepared application that takes advantage of a known weakness. Common examples of security exploits are SQL injectionSQL injection
A SQL injection is often used to attack the security of a website by inputting SQL statements in a web form to get a badly designed website in order to dump the database content to the attacker. SQL injection is a code injection technique that exploits a security vulnerability in a website's software...
, Cross Site Scripting and Cross Site Request Forgery which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through FTP, HTTP, PHP
PHP
PHP is a general-purpose server-side scripting language originally designed for web development to produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source document and interpreted by a web server with a PHP processor module, which generates the web page document...
, SSH
Secure Shell
Secure Shell is a network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client...
, Telnet
TELNET
Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection...
and some web-pages. These are very common in website/domain hacking.
Techniques
Vulnerability scanner- A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scannerPort scannerA port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it.A port scan or portscan is "An attack...
s. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)
Password cracking
- Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Packet sniffer
- A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.
Spoofing attack (Phishing)
- A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.
Rootkit
- A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
Social engineering
When a Hacker, typically a black hat, is in the second stage of the targeting process, he or she will typically use some social engineering tactics to get enough information to access the network. A common practice for hackers who use this technique, is to contact the system administrator and play the role of a user who cannot get access to his or her system. Hackers who use this technique have to be quite savvy and choose the words they use carefully, in order to trick the system administrator into giving them information. In some cases only an employed help desk user will answer the phone and they are generally easy to trick. Another typical hacker approach is for the hacker to act like a very angry supervisor and when the his/her authority is questioned they will threaten the help desk user with their job. Social Engineering is so effective because users are the most vulnerable part of an organization. All the security devices and programs in the world won't keep an organization safe if an employee gives away a password. Black Hat Hackers take advantage of this fact. Social Engineering can also be broken down into four sub-groups. These are intimidation, helpfulness, technical, and name-dropping.
- Intimidation As stated above, with the angry supervisor, the hacker attacks the person who answers the phone with threats to their job. Many people at this point will accept that the hacker is a supervisor and give them the needed information.
- Helpfulness Opposite to intimidation, helpfulness is taking advantage of a person natural instinct to help someone with a problem. The hacker will not get angry instead act very distressed and concerned. The help desk is the most vulnerable to this type of Social Engineering, because they generally have the authority to change or reset passwords which is exactly what the hacker needs.
- Name-Dropping Simply put the hacker uses the names of advanced users as "key words", and gets the person who answers the phone to believe that they are part of the company because of this. Some information, like web page ownership, can be obtained easily on the web. Other information such as president and vice president names might have to be obtained via dumpster diving.
- Technical Using technology to get information is also a great way to get it. A hacker can send a fax or an email to a legitimate user in hopes to get a response containing vital information. Many times the hacker will act like he/she is involved with law enforcement and needs certain data for record keeping purposes or investigations.
Trojan horses
- A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later. (The name refers to the horseTrojan HorseThe Trojan Horse is a tale from the Trojan War about the stratagem that allowed the Greeks finally to enter the city of Troy and end the conflict. In the canonical version, after a fruitless 10-year siege, the Greeks constructed a huge wooden horse, and hid a select force of men inside...
from the Trojan WarTrojan WarIn Greek mythology, the Trojan War was waged against the city of Troy by the Achaeans after Paris of Troy took Helen from her husband Menelaus, the king of Sparta. The war is among the most important events in Greek mythology and was narrated in many works of Greek literature, including the Iliad...
, with conceptually similar function of deceiving defenders into bringing an intruder inside.)
Viruses
- A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Therefore, a computer virus behaves in a way similar to a biological virusVirusA virus is a small infectious agent that can replicate only inside the living cells of organisms. Viruses infect all types of organisms, from animals and plants to bacteria and archaea...
, which spreads by inserting itself into living cells.
- While some are harmless or mere hoaxes most computer viruses are considered malicious.
Worms
- Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program.
Key loggers
- A key logger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Some key loggers uses virus-, trojan-, and rootkit-like methods to remain active and hidden. However, some key loggers are used in legitimate ways and sometimes to even enhance computer security. As an example, a business might have a key logger on a computer used at a point of salePoint of salePoint of sale or checkout is the location where a transaction occurs...
and data collected by the key logger could be used for catching employee fraud.
Notable security hackers
- Kevin MitnickKevin MitnickKevin David Mitnick is a computer security consultant, author, and hacker. In the late 20th century, he was convicted of various computer- and communications-related crimes. At the time of his arrest, he was the most-wanted computer criminal in the United States.-Personal life:Mitnick grew up in...
is a computer security consultant and author, formerly the most wanted computer criminal in United StatesUnited StatesThe United States of America is a federal constitutional republic comprising fifty states and a federal district...
history. - Eric Corley (also known as Emmanuel GoldsteinEmmanuel GoldsteinEmmanuel Goldstein is a character in George Orwell's classic dystopian novel Nineteen Eighty-Four. He is the number one enemy of the people according to Big Brother and the Party, who heads a mysterious and possibly fictitious anti-party organization called The Brotherhood...
) is the long standing publisher of 2600: The Hacker Quarterly. He is also the founder of the H.O.P.E.H.O.P.E.HOPE is a conference series sponsored by the hacker magazine 2600: The Hacker Quarterly. Held biennially in the summer, there have been eight conferences to date with the next scheduled for 13 - 15 July 2012.- HOPE: Hackers On...
conferences. He has been part of the hacker community since the late '70s. - Gordon Lyon, known by the handle Fyodor, authored the Nmap Security ScannerNmapNmap is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a "map" ofthe network...
as well as many network security books and web sites. He is a founding member of the Honeynet ProjectHoneynet projectThe Honeynet Project is a leading international security research organization, dedicated to investigating the latest attacks, developing open source security tools to improve Internet security and learning how malicious hackers behave...
and Vice President of Computer Professionals for Social ResponsibilityComputer Professionals for Social ResponsibilityComputer Professionals for Social Responsibility is a global organization promoting the responsible use of computer technology. in 1983 . It educates policymakers and the public on a wide range of issues...
. - Solar Designer is the pseudonym of the founder of the Openwall ProjectOpenwall ProjectThe Openwall Project is a source for various software, including Openwall GNU/*/Linux , a security-enhanced operating system designed for servers...
. - Rafael NúñezRafael Núñez (hacker)Rafael Núñez is a white hat computer hacker who used to be a member of the World of Hell and a retired model from Venezuela....
aka RaFa was a notorious most wanted hacker by the FBI since 2001. - Michał Zalewski (lcamtuf) is a prominent security researcher.
- Gary McKinnonGary McKinnonGary McKinnon is a Scottish systems administrator and hacker who has been accused of what one U.S. prosecutor claims is the "biggest military computer hack of all time," although McKinnon himself states that he was merely looking for evidence of free energy suppression and a cover-up of UFO...
is a Scottish hacker facing extraditionExtraditionExtradition is the official process whereby one nation or state surrenders a suspected or convicted criminal to another nation or state. Between nation states, extradition is regulated by treaties...
to the United StatesUnited StatesThe United States of America is a federal constitutional republic comprising fifty states and a federal district...
to face charges of perpetrating what has been described as the "biggest military computer hack of all time".
Hacker magazines
The most notable hacker-oriented magazine publications are PhrackPhrack
Phrack is an ezine written by and for hackers first published November 17, 1985. Described by Fyodor as "the best, and by far the longest running hacker zine," the magazine is open for contributions by anyone who desires to publish remarkable works or express original ideas on the topics of interest...
, Hakin9
Hakin9
Hakin9 is a free, online, monthly publication on IT Security. The magazine is published in English and is available in the Internet as a free download....
and 2600: The Hacker Quarterly
2600: The Hacker Quarterly
2600: The Hacker Quarterly is an American publication that specializes in publishing technical information on a variety of subjects including telephone switching systems, Internet protocols and services, as well as general news concerning the computer "underground" and left wing, and sometimes ,...
. While the information contained in hacker magazines and ezines was often outdated, they improved the reputations of those who contributed by documenting their successes.
Hackers in fiction
Hackers often show an interest in fictional cyberpunkCyberpunk
Cyberpunk is a postmodern and science fiction genre noted for its focus on "high tech and low life." The name is a portmanteau of cybernetics and punk, and was originally coined by Bruce Bethke as the title of his short story "Cyberpunk," published in 1983...
and cyberculture
Cyberculture
Cyberculture is the culture that has emerged, or is emerging, from the use of computer networks for communication, entertainment and business. It is also the study of various social phenomena associated with the Internet and other new forms of network communication, such as online communities,...
literature and movies. Absorption of fictional pseudonym
Pseudonym
A pseudonym is a name that a person assumes for a particular purpose and that differs from his or her original orthonym...
s, symbols, values, and metaphor
Metaphor
A metaphor is a literary figure of speech that uses an image, story or tangible thing to represent a less tangible thing or some intangible quality or idea; e.g., "Her eyes were glistening jewels." Metaphor may also be used for any rhetorical figures of speech that achieve their effects via...
s from these fictional works is very common.
Books portraying hackers:
- The cyberpunkCyberpunkCyberpunk is a postmodern and science fiction genre noted for its focus on "high tech and low life." The name is a portmanteau of cybernetics and punk, and was originally coined by Bruce Bethke as the title of his short story "Cyberpunk," published in 1983...
novels of William GibsonWilliam GibsonWilliam Gibson is an American-Canadian science fiction author.William Gibson may also refer to:-Association football:*Will Gibson , Scottish footballer...
— especially the Sprawl Trilogy — are very popular with hackers. - Merlin, the protagonist of the second series in The Chronicles of AmberThe Chronicles of AmberThe Chronicles of Amber is group of novels that comprise a fantasy series written by Roger Zelazny. The main series consists of two story arcs, each five novels in length. Additionally, there are a number of Amber short stories and other works....
by Roger ZelaznyRoger ZelaznyRoger Joseph Zelazny was an American writer of fantasy and science fiction short stories and novels, best known for his The Chronicles of Amber series...
is a young immortal hacker-mage prince who has the ability to traverse shadow dimensions. - Hackers (short stories)Hackers (short stories)Hackers is an anthology of short stories edited by Jack Dann and Gardner Dozois. It contains stories by noted science fiction and cyberpunk writers of the late 1980s and early 1990s about hackers.-"Burning Chrome":...
- Snow CrashSnow CrashSnow Crash is Neal Stephenson's third novel, published in 1992. Like many of Stephenson's other novels it covers history, linguistics, anthropology, archaeology, religion, computer science, politics, cryptography, memetics, and philosophy....
- Helba from the .hack.hack.hack is a Japanese multimedia franchise that encompasses two projects; Project .hack and .hack Conglomerate. Both projects were primarily created/developed by CyberConnect2, and published by Bandai...
manga and anime series. - Little BrotherLittle Brother (Cory Doctorow novel)Little Brother is a novel by Cory Doctorow, published by Tor Books. It was released on April 29, 2008. The novel is about several teenagers in San Francisco who, in the aftermath of a terrorist attack on the San Francisco – Oakland Bay Bridge and BART system, defend themselves against the...
by Cory DoctorowCory DoctorowCory Efram Doctorow is a Canadian-British blogger, journalist, and science fiction author who serves as co-editor of the blog Boing Boing. He is an activist in favour of liberalising copyright laws and a proponent of the Creative Commons organization, using some of their licences for his books... - Rice TeaRice teaRice tea may refer to:*Hyeonmi cha, a Korean tisane made from boiled toasted short-grain brown rice*Genmaicha, a Japanese tea made from green tea leaves and toasted short-grain brown rice...
by Julien McArdle - Lisbeth Salander in The Girl with the Dragon TattooThe Girl with the Dragon TattooThe Girl with the Dragon Tattoo is an award-winning crime novel by Swedish author and journalist Stieg Larsson. It is the first book in the trilogy known as the "Millennium series"....
by Stieg LarssonStieg LarssonKarl Stig-Erland Larsson , who wrote professionally as Stieg Larsson, was a Swedish journalist and writer, born in Skelleftehamn outside Skellefteå. He is best known for writing the "Millennium series" of crime novels, which were published posthumously...
Films also portray hackers:
- CypherCypher (film)Cypher , is a 2002 science fiction thriller film starring Jeremy Northam and Lucy Liu. The film was written by Brian King and directed by Vincenzo Natali. The film was shown in limited release in theaters in the USA, and released on DVD on August 2nd 2005.-Plot:Morgan Sullivan, a recently...
- TronTron (film)Tron is a 1982 American science fiction film written and directed by Steven Lisberger, and released by Walt Disney Pictures. It stars Jeff Bridges as the protagonist Kevin Flynn; Bruce Boxleitner in a dual role as security program Tron and Tron's "User", computer programmer Alan Bradley; Cindy...
- Tron Legacy
- WarGamesWarGamesWarGames is a 1983 American Cold War suspense/science-fiction film written by Lawrence Lasker and Walter F. Parkes and directed by John Badham. The film stars Matthew Broderick and Ally Sheedy....
- The Matrix seriesThe Matrix seriesThe Matrix is a science fiction action franchise created by Andy and Larry Wachowski and distributed by Warner Bros. Pictures. The series began with the 1999 film The Matrix and later spawned two sequels; The Matrix Reloaded and The Matrix Revolutions, both released in 2003, thus forming a trilogy...
- HackersHackers (film)Hackers is a 1995 American thriller film directed by Iain Softley and starring Angelina Jolie, Jonny Lee Miller, Renoly Santiago, Matthew Lillard, Lorraine Bracco and Fisher Stevens...
- SwordfishSwordfish (film)Swordfish is a 2001 crime-thriller film, directed by Dominic Sena and starring John Travolta, Hugh Jackman, Halle Berry, Don Cheadle and Vinnie Jones. The film is an action thriller that was also notable for Halle Berry's first topless scene...
- The Net
- The Net 2.0The Net 2.0 (film)The Net 2.0 is a 2006 direct-to-video written by Rob Cowan and directed by Charles Winkler. It is a sequel to the 1995 film The Net directed by his father Irwin Winkler but has a separate plot.- Plot :...
- AntitrustAntitrust (film)Antitrust is a 2001 thriller film written by Howard Franklin and directed by Peter Howitt....
- Enemy of the State
- SneakersSneakers (film)Sneakers is a 1992 caper film directed by Phil Alden Robinson, written by Robinson, Walter F. Parkes, and Lawrence Lasker and starring Robert Redford, Dan Aykroyd, Ben Kingsley, Mary McDonnell, River Phoenix, Sidney Poitier and David Strathairn...
- UntraceableUntraceableUntraceable is a 2008 American thriller film starring Diane Lane, Colin Hanks, Billy Burke, and Joseph Cross. It was directed by Gregory Hoblit and distributed by Screen Gems...
- FirewallFirewall (film)Firewall is a 2006 British-American thriller film directed by Richard Loncraine and written by Joe Forte. Harrison Ford stars as Jack Stanfield, a security expert at a bank faced with a corporate merger and the offer of a new job.-Plot:...
- Live Free or Die HardLive Free or Die HardLive Free or Die Hard , is a 2007 American action film, and the fourth installment in the Die Hard series. The film was directed by Len Wiseman and stars Bruce Willis as John McClane. The name was adapted from the state motto of New Hampshire, "Live Free or Die"...
- Eagle EyeEagle EyeEagle Eye is a 2008 thriller film directed by D. J. Caruso and starring Shia LaBeouf and Michelle Monaghan. The two portray a young man and a single mother who are brought together and coerced by an anonymous caller into carrying out a plan by a possible terrorist organization...
- Take Down
- Weird ScienceWeird Science (film)Weird Science is a 1985 American teen comedy film written and directed by John Hughes and starring Anthony Michael Hall, Ilan Mitchell-Smith, and Kelly LeBrock...
- Pirates of Silicon ValleyPirates of Silicon ValleyPirates of Silicon Valley is a 1999 made-for-television film directed by Martyn Burke and based on the book Fire in the Valley: The Making of The Personal Computer by Paul Freiberger and Michael Swaine. The film documents the impact on the development of the personal computer of the rivalry between...
(related to hacker like Steve JobsSteve JobsSteven Paul Jobs was an American businessman and inventor widely recognized as a charismatic pioneer of the personal computer revolution. He was co-founder, chairman, and chief executive officer of Apple Inc...
, not crackers)
Non-fiction books
- Hacking: The Art of Exploitation, Second Edition by Jon Erickson
- The Hacker CrackdownThe Hacker CrackdownThe Hacker Crackdown: Law and Disorder on the Electronic Frontier is a work of nonfiction by Bruce Sterling first published in 1992.The book discusses watershed events in the hacker subculture in the early 1990s...
- The Art of IntrusionThe Art of IntrusionThe Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers is a book by Kevin Mitnick that is a collection of stories about social engineering as performed by other hackers. Each story ends by summarizing insight into the attack as well as measures to defend...
by Kevin D. Mitnick - The Art of DeceptionThe Art of DeceptionThe Art of Deception is a book by Kevin Mitnick that covers the art of social engineering. Part of the book is composed of real stories, and examples of how social engineering can be combined with hacking....
by Kevin D. Mitnick - Ghost in the Wires by Kevin D. Mitnick
- Takedown
- The Hacker's HandbookThe Hacker's HandbookThe Hacker's Handbook is a non-fiction book from the 1980s effectively explaining how computer systems of the period were hacked. It contains candid and personal comments from the book's British author, Hugo Cornwall, a pseudonym of Peter Sommer who is now a Research Fellow in Information Systems...
- The Cuckoo's Egg by Clifford Stoll
- Underground by Suelette Dreyfus
- Stealing the Network: How to Own the Box, How to Own an Identity, and How to Own an Continent by various authors
Fiction books
- Ender's GameEnder's GameEnder's Game is a science fiction novel by American author Orson Scott Card. The book originated as the short story "Ender's Game", published in the August 1977 issue of Analog Science Fiction and Fact. Elaborating on characters and plot lines depicted in the novel, Card later wrote additional...
- NeuromancerNeuromancerNeuromancer is a 1984 novel by William Gibson, a seminal work in the cyberpunk genre and the first winner of the science-fiction "triple crown" — the Nebula Award, the Philip K. Dick Award, and the Hugo Award. It was Gibson's debut novel and the beginning of the Sprawl trilogy...
- Evil Genius (novel)Evil Genius (novel)Evil Genius is a novel written by Catherine Jinks and published in 2005 by Allen & Unwin, Australia. The book follows the story of Cadel Piggot, a child prodigy.-Synopsis:...
- Snow CrashSnow CrashSnow Crash is Neal Stephenson's third novel, published in 1992. Like many of Stephenson's other novels it covers history, linguistics, anthropology, archaeology, religion, computer science, politics, cryptography, memetics, and philosophy....
See also
- Hacker (programmer subculture)
- Black hatBlack hatA black hat is the villain or bad guy, especially in a western movie in which such a character would stereotypically wear a black hat in contrast to the hero's white hat, especially in black and white movies....
- Computer crimeComputer crimeComputer crime, or cybercrime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Netcrime refers to criminal exploitation of the Internet. Such crimes may threaten a nation’s security and financial health...
Computer hacking
- Cyber spyingCyber spyingCyber spying or Cyber espionage is the act or practice of obtaining secrets without the permission of the holder of the information , from individuals, competitors, rivals, groups, governments and enemies for personal, economic, political or military advantage using illegal exploitation methods on...
- Cyber Storm ExerciseCyber Storm ExerciseThe Cyber Storm exercise was a simulated exercise overseen by the Department of Homeland Security that took place February 6 through February 10, 2006 with the purpose of testing the nations defenses against digital espionage...
- Cyber warfare
- Exploit (computer security)Exploit (computer security)An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic...
- Grey hatGrey hatA grey hat, in the hacking community, refers to a skilled hacker whose activities fall somewhere between white and black hat hackers on a variety of spectra. It may relate to whether they sometimes arguably act illegally, though in good will, or to show how they disclose vulnerabilities...
- Hack value
- Hacker ManifestoHacker ManifestoThe Conscience of a Hacker is a small essay written January 8, 1986 by a computer security hacker who went by the handle of The Mentor . It was written after the author's arrest, and first published in the underground hacker ezine Phrack in Volume One, Issue 7, Phile 3 of 10...
- Hacker (term)
- HacktivismHacktivismHacktivism is the use of computers and computer networks as a means of protest to promote political ends. The term was first coined in 1994 by a member of the Cult of the Dead Cow hacker collective named Omega...
- IT riskIT riskInformation technology risk, or IT risk, IT-related risk, is a risk related to information technology. This relatively new term due to an increasing awareness that information security is simply one facet of a multitude of risks that are relevant to IT and the real world processes it...
- List of notable hackers
- Mathematical beautyMathematical beautyMany mathematicians derive aesthetic pleasure from their work, and from mathematics in general. They express this pleasure by describing mathematics as beautiful. Sometimes mathematicians describe mathematics as an art form or, at a minimum, as a creative activity...
- Metasploit
- Penetration testPenetration testA penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders and malicious insiders...
- Technology assessmentTechnology assessmentTechnology assessment Technology assessment Technology assessment (TA, German Tenteractive, and communicative process that aims to contribute to the formation of public and political opinion on societal aspects of science and technology.- General description :...
- Vulnerability (computing)Vulnerability (computing)In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...
- White hat
- Wireless hackingWireless hackingCracking of wireless networks is the penetration of wireless networks. A wireless network can be penetrated in a number of ways. These ways vary greatly in the level of computer skill and commitment they require. Once within a network, a skilled hacker can modify software, network settings, other...
Related literature
- “Dot.Con: The Dangers of Cyber Crime and a Call for Proactive Solutions,” by Johanna Granville, Australian Journal of Politics and History, vol. 49, no. 1. (Winter 2003), pp. 102–109.