
Hackers
Out of all the different groups that comprise the computer underground, ‘hackers’ are the most complex to specifically identify. Typically, the term is used in the media to define someone who breaks into computers, usually illegally. Some hackers even divide themselves into white hat, gray hat and black hat hackers; the use of a colored hat being a nod to the western movies. White hat hackers only use their skills to expand their knowledge and the knowledge of the community by following the law. This is usually done through testing exploits and other techniques on their own systems or on other systems with permission from the owner. Black hat hackers primarily break the law and may use their skills for personal gain or destruction without contributing to the community. Black hat hackers are usually labeled as crackers. Gray hat hackers fall in the middle, where they do not intend to break the law but they will not let that stop them if it will increase their knowledge. For example, a gray hat hacker would not intend to break into a system to cause damage or steal files, but instead to test their skills. A majority of hackers may be considered gray hat hackers. Note that all of these people may call themselves just “hacker” and then, if asked, follow that up by saying, “Well, I’m a (white, gray, black) hat hacker.”
1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.
3. A person capable of appreciating hack value.
4. A person who is good at programming quickly.
5. An expert at a particular program, or one who frequently does work using it or on it; as in "a Unix hacker". (Definitions 1 through 5 are correlated, and people who fit them congregate.)
6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.
7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.
8. (Deprecated) A malicious meddler who tries to discover sensitive information by poking around. Hence "password hacker", "network hacker". The correct term is cracker.
The term "hacker" also tends to connote membership in the global community defined by the net (see The Network and Internet address). It also implies that the person described is seen to subscribe to some version of the hacker ethic.
It is better to be described as a hacker by others than to describe oneself that way. Hackers consider themselves something of an elite (a meritocracy based on ability), though one to which new members are gladly welcome. Thus while it is gratifying to be called a hacker, false claimants to the title are quickly labeled as "bogus" or a "wannabee".
The Free On-line Dictionary of Computing, © 1993-2003 Denis Howe
a. Hacking Techniques
Although this guide does not focus on specific hacking techniques, it is important to briefly discuss the three main techniques that are used throughout the computer underground so that there is some context for the rest of the guide. Most techniques can be classified as an exploit, brute force, or social engineering. Exploits have become the most popular technique. An exploit is a vulnerability in software that can be used to attack a system or to defeat the security of a system (by bypassing or breaking into it). Usually, a program or piece of code is used to take advantage of this exploit. For example, most worms take advantage of an exploit in Microsoft operating systems or programs in order to propagate and cause damage.
Brute force is the systematic attempt to accomplish a goal, usually breaking a code or password, by trying every single combination or possible solution. Programs that try every single combination until the right one is found are often used, although manual brute force is not unheard of. However, brute force does not always mean that no thought is involved. For example, a dictionary attack can be used to reduce the amount of time it takes. War dialing can also be considered a type of brute force, although in a different sense.
Finally, the most overlooked of all hacking techniques is social engineering. Put most simply, it is the use of knowledge to trick someone into giving up trusted information that can then be used to eventually gain access to something, usually a computer system. This was made to look too easy in the beginning of the 1995 movie Hackers. Most social engineering is done by phone. Knowledge gained from the Internet or dumpster diving is used to impress upon the target that the person calling is legitimate. The person calling usually poses as a specific person or a fictitious one with a real title. Also, not all of the pieces of information need to be gained at the same time. The target may feel less reluctant to give up a piece of information instead of all of it. Several phone calls are made to gather each piece of information. Then, the person places a call and relays all of the information to a target, which makes the person seem much more believable. Passwords, URLs, and phone numbers are the usual targets of social engineering. This information is then used to subsequently carry out an attack.