From Wikipedia, the free encyclopedia
The terms hacker and hack are marked by contrasting positive and negative connotations. Computer programmers often use the words hacking and hacker to express admiration for the work of a skilled software developer (but may also use them in a negative sense to describe the production of inelegant kludges). Some frown upon using hacking as a synonym for security cracking — in distinct contrast to the larger world, in which the word hacker is typically used to describe someone who “hacks into” a system by evading or disabling security measures.
While “hack” was originally more used as a verb for “messing about” with (e.g. “I hack around with computers”), the meaning of the term has shifted over the decades since it first came into use in a computer context. As usage has spread more widely, the primary meaning of newer users of the word has shifted to one which conflicts with the original primary emphasis.
Currently, “hacker” is used in two main ways, one pejorative and one complimentary. In popular usage and in the media, it most often refers to computer intruders or criminals, with associated pejorative connotations. (For example, “An Internet ‘hacker’ broke through state government security systems in March.”) In the computing community, the primary meaning is a complimentary description for a particularly brilliant programmer or technical expert. (For example, “Linus Torvalds, the creator of Linux, is considered by some to be a genius ‘hacker’.”) A large segment of the technical community insist the latter is the “correct” usage of the word (see the Jargon File definition below).
The mainstream media‘s current usage of the term may be traced back to the early 1980s (see History). When the term was introduced to wider society by the mainstream media in 1983, even those in the computer community referred to computer intrusion as “hacking”, although not as the exclusive use of that word. In reaction to the increasing media use of the term exclusively with the criminal connotation, the computer community began to differentiate their terminology. Several alternative terms such as “black hat” and “cracker” were coined in an effort to distinguish between those performing criminal activities, and those whose activities were the legal ones referred to more frequently in the historical use of the term “hack“. Analogous terms such as “white hats” and “gray hats” developed as a result. However, since network news use of the term pertained primarily to the criminal activities despite this attempt by the technical community to preserve and distinguish the original meaning, the mainstream media and general public continue to describe computer criminals with all levels of technical sophistication as “hackers” and does not generally make use of the word in any of its non-criminal connotations.
As a result of this difference, the definition is the subject of heated controversy. The wider dominance of the pejorative connotation is resented by many who object to the term being taken from their cultural jargon and used negatively, including those who have historically preferred to self-identify as hackers. Many advocate using the more recent and nuanced alternate terms when describing criminals and others who negatively take advantage of security flaws in software and hardware. Others prefer to follow common popular usage, arguing that the positive form is confusing and unlikely to become widespread in the general public. A minority still stubbornly use the term in both original senses despite the controversy, leaving context to clarify (or leave ambiguous) which meaning is intended. It is noteworthy, however, that the positive definition of hacker was widely used as the predominant form for many years before the negative definition was popularized.
“Hacker” can therefore be seen as a shibboleth, identifying those who use the technically-oriented sense (as opposed to the exclusively intrusion-oriented sense) as members of the computing community.
A possible middle ground position has been suggested, based on the observation that “hacking” describes a collection of skills which are used by hackers of both descriptions for differing reasons. The analogy is made to locksmithing, specifically picking locks, which — aside from its being a skill with a fairly high tropism to ‘classic’ hacking — is a skill which can be used for good or evil. The primary weakness of this analogy is the inclusion of script kiddies in the popular usage of “hacker”, despite the lack of an underlying skill and knowledge base.
Similar, synonymous and related terms, which are not mutually exclusive, or universally accepted:
- Hacker may mean simply a person with mastery of computers; however the mass media most often uses “hacker” as synonymous with a (usually criminal) computer intruder. See hacker, and Hacker definition controversy.
- White hat: An ethical hacker who breaks security but who does so for altruistic or at least non-malicious reasons. White hats generally have a clearly defined code of ethics, and will often attempt to work with a manufacturer or owner to improve discovered security weaknesses, although many reserve the implicit or explicit threat of public disclosure after a “reasonable” time as a prod to ensure timely response from a corporate entity. The term is also used to describe hackers who work to deliberately design and code more secure systems. To white hats, the darker the hat, the more the ethics of the activity can be considered dubious. Conversely, black hats may claim the lighter the hat, the more the ethics of the activity are lost.
- Grey hat: A hacker of ambiguous ethics and/or borderline legality, often frankly admitted.
- Blue Hat: Refers to outside computer security consulting firms that are used to bug test a system prior to its launch, looking for exploits so they can be closed. The term has also been associated with a roughly annual security conference by Microsoft, the unofficial name coming from the blue color associated with Microsoft employee badges. Also see Big Blue.
- Black Hat: Someone who subverts computer security without authorization or who uses technology (usually a computer or the Internet) for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, or many other types of crime. This can mean taking control of a remote computer through a network, or software cracking.
- A black hat hacker. Often used to differentiate black hat hackers and the general (positive) sense of hacker. The use of the term began to spread around 1983, probably introduced both due to similar phonetic sound and as construction from the historical slang of safe cracker. Also theorized by some to be a portmanteau of the words criminal and hacker.
- A security hacker who uses password cracking or brute force attacks. Related to the term safe cracker.
- A software cracker. A person specialized in working around copy protection mechanisms in software. Note that software crackers are not involved in exploiting networks, but copy protected software.
- Script kiddie: A pejorative term for a computer intruder with little or no skill; a person who simply follows directions or uses a cook-book approach without fully understanding the meaning of the steps they are performing.
- Hacktivist is a hacker who utilizes technology to announce a political message. Web vandalism is not necessarily hacktivism.