Go Backindex

Hacking and Hackers

an introduction

 

Related Articles
 
   
   
Related Resources
   
   

Definition

Hacking is to gain unauthorized access to a computer, either for fun or malicious or fraudulent purposes.
A person who practice's hacking is called a hacker.

Hacking does not allays mean breaking into computers.

Hacking also can be cracking a code (Enigma code during WWII) Or cracking the security coding of satellite TV or copy protection of data media like dongles, CD's, floppies, DVD's etc. This is often called cracking and the person doing that is called a cracker.

 

Summary

The following pages will and cannot serve as a hackers guide, for that the information is too generic. But the information below will perfectly serve to inform the reader to get a general idea on the subject.

 

The players:

Government and their enforcement, hackers, companies, security organizations

 

As authorities and contra's see it

  • Disrupting telecommunications by entering computerized telephone switches and changing the routing on the circuits of the computerized switches.
  • Stealing proprietary computer source code and information from companies and individuals that owned the code and information.
  • Stealing and modifying credit information on individuals maintained in credit bureau computers.
  • Fraudulently obtaining money and property from companies by altering the computerized information used by the companies.
  • Disseminating information with respect to their methods of attacking computers to other computer hackers in an effort to avoid the focus of law enforcement agencies and telecommunication security experts.

 

Now, there are always two sides of the story

As hackers see it

  • motto: 'Freedom of Information contra security by obscurity'
  • Using telecommunications for free by entering computerized telephone switches and changing the routing on the circuits of the computerized switches.
  • Studying computer source code and information from companies and individuals that are having security leaks in their systems and software.
  • Redistributing money and credit information maintained in credit bureau computers.
  • Obtaining money and property from companies by altering the computerized information used by the companies.
  • Disseminating information to other computer hackers in an effort to make the system safer and put focus of law enforcement agencies and telecommunication security experts to the systems flaws
  • The belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing free software and facilitating access to information and to computing resources wherever possible.
  • The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality.

Both of these opinions are widely accepted , but by no means universally, among all parties involved. Most hackers subscribe to the hacker ethic, and many act on it by writing and giving away free software. A few go further and assert that *all* information should be free and *any* proprietary control of it is bad; this is the philosophy behind the GNU project.

More controversial: some people consider the act of cracking itself to be unethical, like breaking and entering. But the belief that 'ethical' cracking excludes destruction at least moderates the behavior of people who see themselves as 'benign' crackers. On this view, it may be one of the highest forms of hackerly courtesy to

  1. Break into a system,
  2. and then explain to the sysop, preferably by e-mail from a superuser account, exactly how it was done and how the hole can be plugged -- acting as an unpaid (and unsolicited) "tiger" team.

The most reliable manifestation of either version of the hacker ethic is that almost all hackers are actively willing to share technical tricks, software, and (where possible) computing resources with other hackers. Huge cooperative networks such as Usenet, FidoNet and Internet can function without central control because of this trait; they both rely on and reinforce a sense of community that may be hackerdom's most valuable asset.

 

Introduction

Surprisingly enough there is no distinct profile of a hacker. He or she comes from all creeds and breeds, old or young. Some see it as a sport: 'the thinkerers', others just want to get to the goodies, some are spies, some are just out to destroy the system, some are even anarchists, and some are pacifists trying to save the world and not to forget some are professionals unveiling the weaknesses of a particular system. They are rich, poor, wealthy, upper or lower class, blue color or white color, smart or just lucky. Hark! Computing does not make a difference.
But they ALL find a way to gain access into company and government computer systems.

Since not all humans are evenly smart and intelligent there are various types of hackers and methods to gain access to computers.

What would you need and need to know whilst to be or becoming a hacker:

Now you should understand why companies want to hire a caught hacker: he or she knows it all!

Also you will understand that to be or become a fairly successful hacker you have to be a knowledgeable, intelligent and persistent entity. When you never want to be caught you have to be crazy and genius at the same time. And you will never read this page on hacking.

 

-o0o-

 

But to get there means doing it. And how to achieve a hack depends on the complexity of the system, the level of security, the intelligence of the hacker and above all its persistence. And a combination of all of the above.

Generalizing there are three large contingents of hackers.

The hardworking, knowledgeable and intelligent one

The hardworking persisting one

The easy ones

 

Actually to make a hack the need for hardware or software is modest. All you need is a connection to the Internet, or have a modem of various types (synchronous, asynchronous) or a connection via cable or an existing network. Plenty of time and some intelligence and luck. And to no much surprise you will be in business before you know it.

This all sounds very optimistic, but be aware that:

IT IS WAR OUT THERE !

As soon as you enter the arena the cyber-war is going to be between the guardians and you. So don't tell us you weren't warned! There are only a very few success stories. And of course economic interest grow larger by the day, companies will try to protect their products more and more aggressive, especially the music industry.

 

 

-o0o-

 

The latter years of the 1990's various government bodies established what has become known as cyber cops. The FBI, KGB, CIA, MI5, Interpol, United Nations, various secret services of all governments, anarchistic movements, terrorists fractions, police organizations all have their special cyber forces.
Most governments are overreacting in their law making attempts to secure the networks and attached computers. Mainly because of 'what you don't know you fight'. But also: what might be expected of a politician that heard the term hacking for the first time when attending a meeting on that subject to pass a law. Just imagine, by the time the law is passed the technology has again leaped forward to make the law redundant by the time it gets approved. Or what becomes more and more the reality producers of audio visual products try to clamp down on relatively innocent attempts to circumvent copy protection schemes, some are not so innocent agreed. But again the industry is overreacting as was the case in the late 1980's. Millions of dollars were spent in protecting software but by the time the software reached the market hackers broke the code. The difference now is that the industry is trying to stamp down on the creators of anti copy protection software like dropping an atomic bomb on an anthill.

But protection schemes and the technology behind it becomes much more complicated every day. It is therefor no wonder that corporations and other agencies turn to specialized persons or businesses that specialize in that type of security. From the end of the 20th century that industry is booming: cyber security. There is little to tell about these companies of organizations. For obvious reasons: there is little known. History has just begun.

 

-o0o-

 

Hackers Chronology(3)

1878

Less than two years after Alexander's Graham Bell's telephone system went into operation a group of unauthorized teenagers were thrown off the network.

 

1960

Early mainframes at MIT were used by 'original' hackers to develop skills and explore the potential of computing. 'Hacker' was, at that time a complimentary term for users with exceptional knowledge of computing

 

1971

Before the widespread use of computers and the Internet, 'phreakers' used the more prevalent playground of telephone networks. John Draper, a.k.a. Cap'n Crunch, finds a toy-whistle allows callers to circumvent billing systems for long distance calls

 

1976

'Freedom of Information contra security by obscurity'

Two homebrew computer club members Steve jobs and Steve Wozniak launch so called blue boxes which are used to hack into phone systems.

 

1983

First arrest of hackers as FBI clamps down on 414 group after it hacked in to the Los Alamo research center

The movie war games is released, shaping public perception of hackers and glamorizing the hacker

 

1984

Quarterly publication 2600 (named after the frequency of John Draper's whistle) is founded, providing a platform for hackers and phreakers

Legion of Doom formed

 

1987

Seventeen year old Herbert Zinn is arrested after hacking AT&T's system. Experts say he was close to crashing the entire US phone network.

First known MS-DOS virus 'Brain' is created. Investigators believe it was written by two brothers in Pakistan. It infected the boot sector of floppy disks

 

1988

(3)

Robart Morris crashes some 6000 computers across the ARPANET with his worm which he claimed was accidentally released.

CERT (Computer Emergency Response Team) is founded in response.

First anti virus software released by code writer in Indonesia

 

1989

First know case of cyber espionage in Germany (west)

Mentor releases the hacker manifesto Conscience of a hacker, which ends with the intriguing line: "You may stop the individual, but you can't stop us all."

 

1990

Freedom on the Internet advocacy group Electronic Frontier is launched

Sophisticated virus types such as polymorphic viruses ( which modifies themselves when they spread) and multipartite viruses (infecting multiple locations in the machine) appear.

First national Citibank of Chicago is relieved of 70 million US$ in the first acknowledged major computer bank hack.

Hacker Dark Dante, Kevin Lee Poulsen, is arrested after a 17-month search. He got hold of military secrets.

Mitnick and Shimomura lock horns

 

1993

The first Def Con hacking conference takes place in Las Vegas. The event was supposed to be a one-off-knees-uyp to bid good-bye to BBS's (outdated by the web), but was so popular it became an annual event.

Hackers hit US federal web sites, including the CIA, Department of Justice, NASA and the Air Force. This isn't popular with US officials. ;=)

 

1994

 

(3)
Vladimir Levin

Vladimir Levin, the legendary head of a Russian hacking ring, is believed to have masterminded a $10 million virtual holdup of Citibank. He is arrested in London a year later and extradited to the USA.

 

1995

US defense department suffers a quarter of a million hacks in one year.


Kevin Mitnick

Mitnick is arrested on suspicion of stealing 20,000 credit card numbers. He pleads guilty a year later.

(3)

The movie Hackers hits cinema screens, sparking more misconceptions about hackers' activities.

 

1998

Network Associates runs an anti-hacker advert during the Superbowl in the US. In it, two Soviet missile technicians blow up the world, unsure whether the orders came from Moscow or hackers.

Hackers claim to have cracked a military satellite system and threaten to sell secrets to terrorists

NIPC (National Infrastructure Protection Center) launched with multi million dollar funding.

Hacking group LOpht tell congress it could shut down the Internet in half an hour and calls for greater security.

 

1999

Massive year for Microsoft patches as hackers exploit Windows 1998 vulnerabilities. Birth of mainstream anti-hacking software.

 

2000

Denial of Service attacks cripple the net's biggest names.

(4)
Jon Johansen

Jon Johansen (Norway) co-authored with two other programmers who remained anonymous, a program called DeCSS and published it on the Internet The program decrypted DVD's so that DVD's could be run on a computer too. On Jan 23 he got arrested on the charge of hacking on to other's computers: by creating a program that enables people to watch (legally bought) DVD's on their own computers in stead of a stand alone DVD player. This time the case was not won by the Motion Picture Association because the E.U. law they were banking on was not yet implemented.

 

2001

XP - 'the safest windows yet' - is cracked before launch

 

2002

Microsoft Bill Gates launches Trustworthy computing. It soon appeared the the security leaks were as numerous as in all other Microsoft software.

ISP CloudNine was literally hacked to death because of massive DOS attacks. The company could no longer serve its customers and closed down its network. Customers are transferred to other ISP'S and the company goes broke.

 

 

-o0o-

 

Hacker movements

(Publicly known)

Hamburg Hackers : Chaos Computer Club

The CCC (Chaos computer club) from Hamburg began around 1989 as a loose organization of hackers with modems. They proved how good they were so people would be interested. They took over app. 75,000 US$ from the Hamburg's national savings bank but then they gave it all back the next day.

 

    The editors are convinced that there are a lot more active groups and would like to hear about them!

 

-o0o-

Books on Hacking, hackers and hacker's ethic:

an annotated bibliography

 

The page mentioned here only give the most publicized books. There are many other books to read about Hacking, encryption, cryptography, programming, system topologies etc. There are also quite a few movies to watch on the subject. (1)

 

 

Go Backindex Last Update 23 July, 2002 For suggestions please mail the editors 




Footnotes & References