Forwarded from: Thomas C. Greene <tcgreeneat_private> i've always been dissatisfied with the vagueness of both terms, hacking and cracking. neither says anything about motivation. since i used to write about this stuff a great deal, i came up with a scheme that makes sense - at least to me. i'd like to share it for what it's worth. to give my own column some consistency, i decided that both words should be neutral in terms of motive. that is, hacker or cracker is not a synonym for 'computer criminal', but malicious hacker or malicious cracker might be. we could distinguish between a hacker and a cracker by saying that hacking is a very general term referring to any exploration of software or hardware or a system where one hasn't got the source code, the schematics, or the layout. so hacking is learning about a closed system by essentially 'fiddling about in the dark' until something unexpected happens, followed by an analysis of why that should be, leading to further experimenting and ultimately to insight about how the thing we're looking at works. thus hacking is both empirical and analytical, sharing much with the scientific method. often, hacking leads to useful modifications of existing software, hardware or systems, which the designers didn't anticipate. this can be good or bad depending on the hacker's motives. 'cracker' was a poor attempt at distinguishing 'hacker' from 'criminal' - an association the mainstream press was all too eager to make. to me a cracker is an offensively-white dork like trent lott, but that's a topic for another rant. i never thought we needed the term cracking in the technology lexicon, but we're stuck with it now so i suppose we can use it to indicate a particular subset of hacking, that is to defeat electronic security measures. we've always spoken of 'cracking' a passfile, say, or a cipher, so it makes sense to use cracking to indicate the electronic equivalent of picking locks. again, this can be done merely to illustrate security flaws, or to steal something protected electronically. a cracker can do good or bad depending on his motives. we still need a modifier to indicate motive. 'black hat' and 'white hat' are already cluttering the lexicon, so why not put them to use? thus one might be a black hat hacker, or a white hat cracker, depending on what one hopes to accomplish. t. On Thursday 12 December 2002 3:50 am, InfoSec News wrote: > Forwarded from: Robert G. Ferrell <rferrellat_private> > > At 02:23 AM 12/11/02 -0600, you wrote: > > In early October, I wrote a column about how words influence the way > > we view and act upon situations. I made specific reference to the > > word "hacker" and how the word seems innocent, even cute. But I said > > it actually describes an action that is criminal. > > If you think "hacker" is innocent or cute, you need to spend some > time with Mr. Webster: > > "One who cuts or severs with repeated irregular or unskillful blows" > "One who cuts or shapes by or as if by crude or ruthless strokes" > > Charming. > > Of course, the same dictionary now lists hacking as "gaining > access to a computer illegally," but that is the direct result of the > persistent misuse of the term by a careless and lazy press, > more interested in sensationalism than, say, accuracy. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Dec 13 2002 - 05:17:10 PST