Hackers !

[StephF]

When I see a news report about some hacker getting caught it usually says they are Aspies. I wonder if this is just because the newspapers like to hype the story to make it more news worthy or whether a lot of hackers are Aspies.

Do we have any hackers here ?

 

[Rudy Schmidt]

When I see a news report about some hacker getting caught it usually says they are Aspies. I wonder if this is just because the newspapers like to hype the story to make it more news worthy or whether a lot of hackers are Aspies.

Do we have any hackers here ?

When I was in my early teens, I went through a phase of wanting to be able to hack. I don't remember if the fear of prison put me off, or if I just quickly bounced onto the next obsession, but it didn't last long.

Nowadays, fear of prison, as well as sympathy for hacking victims would definitely keep me away.

 

[stanmgk]

A hacker is just a clever programmer, someone who enjoys programming, finding bugs, exploiting and fixing applications. So, if someone is a talented and curious programmer, he or she is a hacker.

I think they related hacking to Aspergers because hackers see things in different ways, have great problem-solving skills and are sometimes very obsessed with what they do.

 

[GoofKing]

A hacker is just a clever programmer, someone who enjoys programming, finding bugs, exploiting and fixing applications. So, if someone is a talented and curious programmer, he or she is a hacker.

I think they related hacking to Aspergers because hackers see things in different ways, have great problem-solving skills and are sometimes very obsessed with what they do.

Sometime during the mid-80's, the media started associating young malicious punks with the hackers your talking about :/

 

[King_Oni]

Hacking does go a long way as a definition and isn't limited to hacking and obtaining online data as such, something which most people link to hacking.

Hacking and getting peoples personal information, regardless on how sensitive it might (or even how insecure the location is) doesn't get much sympathy for me, even if it's just for the fact that I do care for my own privacy as well.

However, I think I've hacked enough things in my life in the way stanmgk points it out.

"A hacker is just a clever programmer, someone who enjoys programming, finding bugs, exploiting and fixing applications. So, if someone is a talented and curious programmer, he or she is a hacker."

I've fooled around with coding in games and software enough back in my teens to make it either work better in general or better for my own needs. It was also a time where I didn't have an internet connection yet. Perhaps 2 things are relevant for me here; the fact that I might've gotten bored and ended up hacking, but because of the lack of internet, I kept it to software and not other peoples data. And also the fact that I care to have software work better for my own use rather than collect data. It's one of those moments where it might pay off more to be a bit egotistical person, cause I didn't care about others and other peoples data and just wanted things to improve for me.. and just me.

Alongside stanmgk 's definition in this post here; I've also playtested some videogames in the past looking for bugs and things like that. Not hacking, but it touches upon the definition as such.

 

[Rudy Schmidt]

I just realized I made a great big prejudiced oopsie by assuming a hacker was, by definition, also a criminal. :/ My apologies.

 

[KassieMac]

When I started programming in the 80s, 'hacking' basically referred to getting the computer & software to do something more than it was originally designed for. Understanding the code & the unintended side effects of certain commands meant you could take advantage of these side effects in new & interesting ways.

The term seemed to evolve, though, to mean gaining access into a protected system without authorization … or at least that's how it's used by the general public. Still, that's not necessarily a bad thing, it all depends on one's intent & what they do once they've gained access. So you'll sometimes see the terms 'white-hat' or 'black-hat' hackers … though the white-hat hackers rarely get mentioned in mainstream media. I guess bad guys attract more attention than people who use their skills for good purposes.

 

[GoofKing]

When I started programming in the 80s, 'hacking' basically referred to getting the computer & software to do something more than it was originally designed for. Understanding the code & the unintended side effects of certain commands meant you could take advantage of these side effects in new & interesting ways.

The term seemed to evolve, though, to mean gaining access into a protected system without authorization … or at least that's how it's used by the general public. Still, that's not necessarily a bad thing, it all depends on one's intent & what they do once they've gained access. So you'll sometimes see the terms 'white-hat' or 'black-hat' hackers … though the white-hat hackers rarely get mentioned in mainstream media. I guess bad guys attract more attention than people who use their skills for good purposes.

I had a liking for ethical hacking, or white-hat hacking to help out people against malicious jerks who think someone's system should be owned and ruined by them, just because their victims are not as tech savvy as they are and because they can run a script or two :/ Big whoop dee do for them

Sadly I'm still confused about the correct term of what a hacker is and isn't. Jargon File Resources seems to define a hacker as some sort of sub-cultural programming community, who has developed their own Jargon over the years to exclude what I define as crackers and script kiddies. The thing is from some of the things I've read, hacking is more of a lifestyle of endlessly seeking and learning new things, despite if it's used for making programs do beneficial things it wasn't intended for or for seeking malicious knowledge to destroy systems :/

 

[KassieMac]

I'm not as closely connected to the programming community anymore, though I still do tech support. For that (and because it's interesting to me) I still keep tabs on tech news. They'll often report on hacking conferences, or when vulnerabilities are reported to the software companies (and how long it takes them to get patched). What to do in the meantime to stay safe, when to change passwords, stuff like that.

 

[Judge]

Sadly I'm still confused about the correct term of what a hacker is and isn't.

I just view it in a rather simplistic twofold manner. The "old school" definition (which KassieMac covered) and the most current version with very negative connotations which seems rather universal.

 

[Sev]

DISCLAIMER: Some people just want to watch the world burn, so what I say will not always be the case.

I would say that there are remarkable similarities between malicious hackers and the general, stereotyped Aspie (while stereotypes aren't always true, most times they exist for a reason). I thought I might share this manifesto as its probably one of the only pieces of literature that actually give any kind of true representation of the general hacker: LINK: .:: Phrack Magazine ::.

I would say that there are a few key things needed to be a hacker:

• A poor or limited social life that involves very little friends or family interaction
• The time required to deeply master a particular task
  
• An obsession with programming

A Coder, a Programmer, a Hacker, a Developer, and a Computer Scientist walk into a Venn Diagram - Scott Hanselman

Hanselman, in his blog here, says that hackers often master only one singular task but have a tremendous understanding of everything relating to that task. This really just sounds like an Aspie who has an obsession, you always here about the train stereotype for example. Some people with ASD just know a small "bit" of knowledge, but know it at a very scary level.

People on the autism spectrum typically tick the appropriate boxes, at least in my opinion. With this in mind I'm actually not that surprised that so many Aspies are alleged hackers. I'm a computer programmer and I really enjoy altering other people's code (open source), because I believe that I can improve the quality of the product (which can have a positive effect even if it just helps one or two people). I'm obviously not a malicious hacker.

You just need to visit places such as sourceforge and github to see the amazing programs that non-malicious hackers are building, free of cost, to simply improve our way of life. I see more good in open source communities then I do in real life.

If society was more accepting of 'different' individuals I think we would see a lot less malicious hackers in the world, but while society continues to drive out the obsessive programmers we will see no end to internet crime. How can you treat someone poorly, and expect them to respect your laws?

 

[StephF]

I kinda view hackers as similar to the sorts of people who correct your facts or grammar in a sentence.

"Ugh, a bug ?" "It's not technically a bug as bugs fall into the order Hemiptera and have moving mouth parts."
whereas in the coding world we get
Coder: "Let's do it this way, it's quick, easy and requires little code"
Hacker: " You've failed to sanitize your web input, allowing me to inject SQL statements direct to your database!"

I'd probably classify myself somewhere between a White Hat and a Grey Hat.
I'm not interested in stealing credit card info, I don't want to steal your identity. I just want to metaphorically, stand on a high point and shout
" Hey Stupid, do the job properly next time !! "

Whenever Microsoft release a bug fix for a problem, they then have to release a second patch to solve the problems they introduced in the first patch and so it goes on.

Viva la Linux

 

[Judge]

I must say, I really miss the "old school" definition of a hacker.

I had so much fun years ago optimizing my autoexec.bat and config.sys files in DOS 3.3 and 5.0. And then all the .ini and registry files in various versions of Microsoft Windows.

Yeah...Linux looks more fun all the time. I just need to secure that new SSD drive and use a 5.25 drive bay so it can be removeable so I can swap back and forth between Windows 7 and some version of Linux. Probably Ubuntu.

Did I hack Windows 7? Hell yes. Nothing fancy...but I just LOVE tinkering with an OS to make it something it wasn't out of the box.

 

[dragonwolf]

A Coder, a Programmer, a Hacker, a Developer, and a Computer Scientist walk into a Venn Diagram - Scott Hanselman

I love this article solely for the Venn diagram.

When I started programming in the 80s, 'hacking' basically referred to getting the computer & software to do something more than it was originally designed for. Understanding the code & the unintended side effects of certain commands meant you could take advantage of these side effects in new & interesting ways.

The term seemed to evolve, though, to mean gaining access into a protected system without authorization … or at least that's how it's used by the general public. Still, that's not necessarily a bad thing, it all depends on one's intent & what they do once they've gained access. So you'll sometimes see the terms 'white-hat' or 'black-hat' hackers … though the white-hat hackers rarely get mentioned in mainstream media. I guess bad guys attract more attention than people who use their skills for good purposes.

This is exactly what hacking still means to everyone except the non-tech people. To be a hacker is to understand a thing in such a way or to such an extent that you can do things with it most people wouldn't think of doing, usually beyond the original intent of the thing.

The media, however, decided to use "hacker," because "hacker" sounds better than "cracker" -- and arguably less racist or sounding like something from Ritz.

Even then, not all of the people dubbed "hacker" by the media are actually or necessarily crackers in the sense that most people think of it. Kevin Mitnick, for example, was a social engineer and phreaker. The vast, vast majority of his black-hat work was done through tapping into the phone lines (phreaking), or simply manipulating people to get what he wanted to gain access to things (social engineering). Beyond that, the computer was just a way to access the systems he had already broken into.

White-hats don't get mentioned, because they've stopped things from happening, so there's nothing newsworthy (yes, it's a very thankless job). They're also not generally known as hackers at all by the general public, but rather "Chief Information Security Officer," "Security Analyst," "Penetration Tester" or any other security-related job title. It's thankless and unknown, but you can rake in some serious cash in that business.

 

[KassieMac]

I love this article solely for the Venn diagram.



This is exactly what hacking still means to everyone except the non-tech people. To be a hacker is to understand a thing in such a way or to such an extent that you can do things with it most people wouldn't think of doing, usually beyond the original intent of the thing.

The media, however, decided to use "hacker," because "hacker" sounds better than "cracker" -- and arguably less racist or sounding like something from Ritz.

Even then, not all of the people dubbed "hacker" by the media are actually or necessarily crackers in the sense that most people think of it. Kevin Mitnick, for example, was a social engineer and phreaker. The vast, vast majority of his black-hat work was done through tapping into the phone lines (phreaking), or simply manipulating people to get what he wanted to gain access to things (social engineering). Beyond that, the computer was just a way to access the systems he had already broken into.

White-hats don't get mentioned, because they've stopped things from happening, so there's nothing newsworthy (yes, it's a very thankless job). They're also not generally known as hackers at all by the general public, but rather "Chief Information Security Officer," "Security Analyst," "Penetration Tester" or any other security-related job title. It's thankless and unknown, but you can rake in some serious cash in that business.

The ones I really get a kick out of are sort of 'freelance' white-hat hackers … they'll report their findings to the offending company and the software gets fixed. What's fun is when the company doesn't patch their software, sometimes the hackers will exploit the vulnerability in a public but benign way. It embarrasses the company and pisses them off, but they're forced to fix the problem. You've got to admire those guys, standing up for our security even though they're not getting paid for it at all.

 

[StephF]

Oh yes indeed. There are so many companies who believe in Security Through Obscurity. Microsoft for one, they are like, "Bug, what bug ?".
I think a fair thing to do would be to to inform the manufacturer and wait for a week. Then register the bug with to get a CVE, Common Vulnerabilities & Exploits. Then wait another fortnight and then release Proof of Concept code (POC) to the wild world in general.
That puts the onus for fixing it on the company that created it.

 

[KassieMac]

Oh yes indeed. There are so many companies who believe in Security Through Obscurity. Microsoft for one, they are like, "Bug, what bug ?".
I think a fair thing to do would be to to inform the manufacturer and wait for a week. Then register the bug with to get a CVE, Common Vulnerabilities & Exploits. Then wait another fortnight and then release Proof of Concept code (POC) to the wild world in general.
That puts the onus for fixing it on the company that created it.

A week, seriously?? I'm guessing you haven't worked much with that large a codebase before. Giving them only three months is considered fairly aggressive.

 

[StephF]

I wasn't so much thinking in concrete figures when I wrote that. It was rather early and I hadn't had my coffee !!

 

[GoofKing]

If you guys ever get the chance, check a book called The guide to mostly harmless hacking because it's hilarious on how much it fails XD I'd call this the granddaddy of script-kiddie how-to's and any person with a once of technological knowledge would get a laugh or two out of it

I love how the author claimed to be a mother of four but wrote it like a young punk script kiddie and the outrageous claim about how M$ Windows is out doing Unix on web servers and how Windows is more secure because all the elite hackers are too busy hacking Unix than Windows XD This failure of a guide has a lot of stupid claims like this and it's plain to see how the author has very little knowledge of Unix or Linux (due to mentioning having a Unix/Linux shell) and the fact that it's more like a "Do this and then that" without really explaining the why behind it completely

 

[dragonwolf]

A week, seriously?? I'm guessing you haven't worked much with that large a codebase before. Giving them only three months is considered fairly aggressive.

I'd say a week is fair to acknowledge the bug and assign a priority to it (not fixed, necessarily, just acknowledged), before continuing to escalate the number of people outside the company made aware of it, especially if the report is well-written (as it should be, if you've taken the time to break into the system).